How many controls does APRA Prudential Standard CPS 234 have?

APRA Prudential Standard CPS 234 contains 19 controls organized across 5 domains.

Where does APRA Prudential Standard CPS 234 apply?

APRA Prudential Standard CPS 234 is applicable in Australia (APRA). Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.

What frameworks does APRA Prudential Standard CPS 234 map to?

APRA Prudential Standard CPS 234 has control-to-control mappings with 321 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.

How do I get started with APRA Prudential Standard CPS 234 compliance?

Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.

APRA Prudential Standard CPS 234 — Information Security (Australia)

APRA Prudential Standard CPS 234 (effective July 2019) establishes information security requirements for APRA-regulated entities in Australia: authorised deposit-taking institutions (banks), general insurers, life insurance companies, private health insurers, and registrable superannuation entity (RSE) licensees. CPS 234 requires entities to maintain an information security capability commensurate with the size and extent of threats to their information assets.

Domains

Third-Party Management and Testing

Incident Management and Notification

Information Asset Management and Controls

Information Security Capability

Board and Governance Responsibilities

Frequently Asked Questions

Map APRA Prudential Standard CPS 234 — Information Security (Australia) to any other framework

Use our AI-powered compliance platform to find control overlaps, gaps, and build remediation plans in seconds.

Try Free on Compliance Platform