Request a Demo

Fill in the form below and we will contact you shortly to organised your personalised demonstration of the Noggin platform.

The Noggin Platform

The world's leading integrated resilience workspace for risk and business continuity management, operational resilience, incident & crisis management, and security & safety operations.

Learn More
Resilience Management Buyers Guide - Thumbnail
A Resilience Management Software Buyer's Guide
Access the Guide

Who We Are

The world’s leading platform for integrated safety & security management.

Learn More

CPS 234 Guide for APRA Entities

Best Practice Guide

About Prudential Standard CPS 234 Information Security

The failure of just one regulated institution can undermine the stability of the financial system. For that reason, APRA is obliged to maintain a low incidence of failure among the entities it regulates.

Of course, APRA can only do so much. Instead, it must compel the management and directors of those entities (most likely the Board of Directors) to ensure that their own institutions remain sound.

APRA primarily does so through the imposition of prudential standards. The reason they are put into place is to increase the resilience to business disruption arising from internal and external events and reduce impact on business operations, reputation, profitability, depositors, policyholders, and other stakeholders.

Key standards address capital adequacy, liquidity, and governance to ensure that systemic risks (i.e., risks that would endanger the system as a whole) are properly managed. Information security falls under this rubric, as well.

Information security, particularly data breaches, is of ever-increasing concern for APRA-regulated entities; finance and insurance routinely top the ranks of the most vulnerable sectors to data breaches. And so, in July 2019, APRA released Prudential Standard CPS 234 Information Security, to which the subsequent guide provides a primer.

Download the full guide to continue reading >>

Download the Free Guide