💼 44 APRA-regulated entities could consider low likelihood scenarios, which could result in an extreme impact to the regulated entity (i.e. plausible worst case). Extreme impacts can be financial or non-financial (e.g. reputational or regulatory), potentially threatening the ongoing ability of the APRA-regulated entity to meet its obligations.

Contextual name: 💼 44 APRA-regulated entities could consider low likelihood scenarios, which could result in an extreme impact to the regulated entity (i.e. plausible worst case). Extreme impacts can be financial or non-financial (e.g. reputational or regulatory), potentially threatening the ongoing ability of the APRA-regulated entity to meet its obligations.
ID: /frameworks/apra-cpg-234/16/44
Located in: 💼 16 Implementation of controls - Minimise exposure to plausible worst case scenarios

Description

Empty...

Section	Internal Rules	Policies
💼 44a malicious acts by an insider with highly-privileged access, potentially involving collusion with internal or external parties;	1	1
💼 44b deletion or corruption of both production and backup data, either through malicious intent, user error or system malfunction;	6	7
💼 44c loss of, or unauthorised access to, encryption keys safeguarding extremely critical or sensitive information assets.	8	10