Information SecurityAustralia (APRA)

APRA Prudential Standard CPS 234 — Information Security (Australia)

APRA Prudential Standard CPS 234 (effective July 2019) establishes information security requirements for APRA-regulated entities in Australia: authorised deposit-taking institutions (banks), general insurers, life insurance companies, private health insurers, and registrable superannuation entity (RSE) licensees. CPS 234 requires entities to maintain an information security capability commensurate with the size and extent of threats to their information assets.

Domains

Third-Party Management and Testing

Incident Management and Notification

Information Asset Management and Controls

Information Security Capability

Board and Governance Responsibilities

Compare APRA Prudential Standard CPS 234 — Information Security (Australia)

APRA Prudential Standard CPS 234 — Information Security (Australia) vs ISO 27001:2022View comparison →APRA Prudential Standard CPS 234 — Information Security (Australia) vs SOC 2View comparison →APRA Prudential Standard CPS 234 — Information Security (Australia) vs NIST CSF 2.0View comparison →APRA Prudential Standard CPS 234 — Information Security (Australia) vs GDPRView comparison →APRA Prudential Standard CPS 234 — Information Security (Australia) vs HIPAAView comparison →APRA Prudential Standard CPS 234 — Information Security (Australia) vs PCI DSS 4.0View comparison →

APRA Prudential Standard CPS 234 — Information Security (Australia) by Industry

APRA Prudential Standard CPS 234 — Information Security (Australia) by Role

APRA Prudential Standard CPS 234 — Information Security (Australia) for CISOs→APRA Prudential Standard CPS 234 — Information Security (Australia) for Compliance Officers→APRA Prudential Standard CPS 234 — Information Security (Australia) for Risk Managers→APRA Prudential Standard CPS 234 — Information Security (Australia) for IT Directors→APRA Prudential Standard CPS 234 — Information Security (Australia) for DPOs→APRA Prudential Standard CPS 234 — Information Security (Australia) for Auditors→

Frequently Asked Questions

What is APRA Prudential Standard CPS 234?

How many controls does APRA Prudential Standard CPS 234 have?

APRA Prudential Standard CPS 234 contains 19 controls organized across 5 domains.

Where does APRA Prudential Standard CPS 234 apply?

APRA Prudential Standard CPS 234 is applicable in Australia (APRA). Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.

What frameworks does APRA Prudential Standard CPS 234 map to?

APRA Prudential Standard CPS 234 has control-to-control mappings with 321 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.

How do I get started with APRA Prudential Standard CPS 234 compliance?

Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.

How ready are you for APRA Prudential Standard CPS 234 — Information Security (Australia)?

Answer 25 questions and get a professional readiness report with gap analysis, maturity scores, and prioritised action items. Results in 5 minutes.

Explore Platform Free

Information SecurityAustralia (APRA)

APRA Prudential Standard CPS 234 — Information Security (Australia)

Domains

Third-Party Management and Testing

Incident Management and Notification

Information Asset Management and Controls

Information Security Capability

Board and Governance Responsibilities

Compare APRA Prudential Standard CPS 234 — Information Security (Australia)

APRA Prudential Standard CPS 234 — Information Security (Australia) by Industry

APRA Prudential Standard CPS 234 — Information Security (Australia) by Role

Frequently Asked Questions

What is APRA Prudential Standard CPS 234?

How many controls does APRA Prudential Standard CPS 234 have?

APRA Prudential Standard CPS 234 contains 19 controls organized across 5 domains.

Where does APRA Prudential Standard CPS 234 apply?

APRA Prudential Standard CPS 234 is applicable in Australia (APRA). Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.

What frameworks does APRA Prudential Standard CPS 234 map to?

APRA Prudential Standard CPS 234 has control-to-control mappings with 321 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.

How do I get started with APRA Prudential Standard CPS 234 compliance?

How ready are you for APRA Prudential Standard CPS 234 — Information Security (Australia)?

Answer 25 questions and get a professional readiness report with gap analysis, maturity scores, and prioritised action items. Results in 5 minutes.

Explore Platform Free