Solutions
Industries
Moody's Analytics Brands
A-Z Product List
Access Online Products
Moody's Analytics Product Training
Learn about the Moody's Analytics CECL solution
Featured Solution
Current Expected Credit Loss
Moody's Analytics Featured Product
Featured Product
The CreditLens™ Platform
Moody's Analytics Partner Alliance
Moody's Analytics PartnerAlliance
Delivering Solutions Worldwide
Insights
Regulatory News
Webinars-on-Demand
Moody's Analytics Risk Perspectives
Meet Our Experts
Connect With Us
Moody's Analytics Risk Perspectives Magazine
NEWEST EDITION
Risk Perspectives: Managing Disruption
Moody's Analytics Risk Practitioner Community
FEATURED USER GROUP
Risk Practitioner Community
Meet Moody's Analytics Subject Matter Experts
SUBJECT MATTER EXPERTS
Meet Our Leading Experts
Events Calendar
Training
Inquire About Upcoming Events
Meet Our Experts
Connect with us in social media
SOCIAL MEDIA
Connect With Us
Search career opportunities at Moody's Analytics
CAREERS
Search Job Opportunities
Moody's Analytics Conferences
CALENDAR
Events and Webinars
About Us
Regions
Office Locations
Partner With Us
Connect With Us
Join Us
Learn about Moody's Analytics awards
AWARDS
Industry Recognition
Press Releases and News
NEWS
News and Press Releases
Search career opportunities at Moody's Analytics
CAREERS
Search Job Opportunities

APRA Proposes Amendments to CPG 234 Related to Information Security

By Regulatory News

March 25, 2019

APRA is proposing the cross-industry Prudential Practice Guide 234 Information Security (CPG 234), which will replace the existing CPG 234 Management of Security Risk in Information and Information Technology. Comments are requested by May 17, 2019.

APRA released, in November 2018, a new Prudential Standard CPS 234 Information Security (CPS 234) that applies to all APRA-regulated entities from July 01, 2019. When releasing CPS 234, APRA noted that it would consult on an updated CPG 234. The CPG 234 is designed to assist regulated entities in complying with CPS 234 on an ongoing basis and conveys observations of APRA on what constitutes good practice in information security. The key matters covered in the updated draft CPG 234 include the following:

  • Guidance on information asset identification and classification
  • Details to assist APRA-regulated entities when notifying APRA of information security incidents and information control weaknesses, as required under CPS 234
  • Various matters for which APRA, through its ongoing supervision, has identified deficiencies in the practices of regulated entities

The guide is aimed at boards and senior management as well as risk and information technology experts within regulated entities. It outlines how entities can maintain information security capabilities commensurate with the size and complexity of their business and the sensitivity of the data they possess. It also explains how entities can optimize their resilience when aspects of their information security are managed by third parties.

 

Related Links

Comment Due Date: May 17, 2019

Keywords: Asia Pacific, Australia, Banking, Insurance, CPS 234, CPG 234, Information Security, APRA

Related Articles
News

US Agencies Consult on Capital Treatment of Land Development Loans

US Agencies (FDIC, FED, and OCC) issued a proposed rule on the treatment of loans that finance the development of land for purposes of the one- to four-family residential properties exclusion in the definition of high volatility commercial real estate (HVCRE) exposure in the regulatory capital rule.

July 12, 2019 WebPage Regulatory News
News

EBA Single Rulebook Q&A: Second Update for July 2019

Under the Single Rulebook question and answer (Q&A) updates for this week, EBA published answers to five questions related to supervisory reporting.

July 12, 2019 WebPage Regulatory News
News

ESMA Updates Manual for European Single Electronic Format in EU

ESMA updated the reporting manual for European Single Electronic Format (ESEF).

July 12, 2019 WebPage Regulatory News
News

FED Updates Supplemental Instructions for Reporting Form FR Y-9C

FED updated the supplemental instructions for FR Y-9C reporting.

July 12, 2019 WebPage Regulatory News
News

EBA Publishes Report on Monitoring Implementation of LCR in EU

EBA published its first report on the monitoring of the implementation of liquidity coverage ratio (LCR) in EU.

July 12, 2019 WebPage Regulatory News
News

EIOPA Consults on Reporting and Disclosures Under Solvency II Review

EIOPA launched a consultation package on supervisory reporting and public disclosure in the context of its work linked with the 2020 Solvency II review.

July 12, 2019 WebPage Regulatory News
News

APRA Applies Additional Capital Requirements to Three Australian Banks

APRA is applying additional capital requirements to three major banks in Australia to reflect higher operational risk identified in their risk governance self-assessments.

July 11, 2019 WebPage Regulatory News
News

IMF Report on 2019 Article IV Consultation on Euro Area Policies

IMF published its staff report in context of the 2019 Article IV consultation on euro area policies with member countries.

July 11, 2019 WebPage Regulatory News
News

FSB to Survey Practices on Cyber Incident Response and Recovery

FSB launched a survey on the industry practices on cyber incident response and recovery.

July 11, 2019 WebPage Regulatory News
News

ECB Appoints New Members of Supervisory Board

The Governing Council of ECB appointed Edouard Fernandez-Bollo, Kerstin af Jochnick, and Elizabeth McCaul as representatives to the Supervisory Board of ECB Banking Supervision, for a five-year non-renewable term.

July 11, 2019 WebPage Regulatory News
RESULTS 1 - 10 OF 3441

© Copyright 2019 Moody's Analytics, Inc. and/or its licensors and affiliates. All Rights Reserved.