Prudential Standard CPS 234, which outlines the information security requirements that APRA regulated organisations must comply with, is a mandatory regulation issued by APRA to ensure that your organisation’s information assets remain safe and secure from breaches.
In order to increase the rigour of compliance of CPS 234, Boards of regulated entities are required to engage third party independent Auditors to undertake a thorough CPS 234 compliance audit, with the results reported to both the Board and APRA.
APRA has developed a program of tripartite independent information security compliance reviews across all its regulated industries to ensure these audits are being conducted and the entities are complying with the Standard. It has recently begun issuing notifications to regulated financial institutions advising them to start preparing for these reviews.
All APRA-regulated entities, which include:
Compliance with the Standard will ensure the following within your organisation:
As cybercriminals and their programs become more advanced, so too should Australian cybersecurity systems – and CPS 234 ensures that these businesses continue to develop and maintain their online defences. It goes without saying that non-compliant organisations are operating at a much higher risk of being exposed to a cyber security breach, including business interruption, confidential records being compromised or fraud. Additionally, formal enforcement action may be taken for non-compliance and potential breach notices could be issued by APRA.
In order to meet the CPS 234 Standard, your organisation needs to employ an independent Auditor to undertake a thorough audit.
Centium is uniquely qualified to perform the requisite compliance audit and report as per Australian Standard on Assurance Engagements ASAE 3100 Compliance Engagements (ASAE 3100), issued by the Auditing and Assurance Standards Board.
If your organisation needs a helping hand in complying with APRA’s CPS 234 Standard in order to increase your security and better manage your information assets, Centium is more than happy to discuss how we can help you.
For more information, please contact Scott Thomson, Director Cyber & IT on 0412 562 797 or firstname.lastname@example.org.
For further information about our service, team and experience, refer to our capability infosheet. If we can assist you, please don't hesitate to get in touch.