APRA has released the final version of Prudential Standard CPS 234 on Information Security. This follows a period of industry consultation and responses to submissions on the draft standard released back in March 2018

In response to submissions received, APRA has confirmed:

APRA has also provided further clarification on other requirements in the standard relating to:

To assist regulated entities with implementing the requirements of the new standard, APRA will be updating Prudential Practice Guide CPG 234 in the first half of 2019. In preparation, and as recommended in our previous article, regulated entities should assess their current information security control environment, identify any gaps, and develop and execute action plans to address any shortfalls. With its broad scope of security services, Alcorn Group can assist organisations with performing these assessments, as well as provide ongoing support for meeting the new requirements beyond the effective date.

Contact Us