💼 44 APRA-regulated entities could consider low likelihood scenarios, which could result in an extreme impact to the regulated entity (i.e. plausible worst case). Extreme impacts can be financial or non-financial (e.g. reputational or regulatory), potentially threatening the ongoing ability of the APRA-regulated entity to meet its obligations.
- ID:
/frameworks/apra-cpg-234/16/44
Description​
Empty...
Similar​
- Internal
- ID:
dec-c-ff304eef
- ID:
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 44a malicious acts by an insider with highly-privileged access, potentially involving collusion with internal or external parties; | 1 | 1 | no data | ||
| 💼 44b deletion or corruption of both production and backup data, either through malicious intent, user error or system malfunction; | 6 | 7 | no data | ||
| 💼 44c loss of, or unauthorised access to, encryption keys safeguarding extremely critical or sensitive information assets. | 8 | 10 | no data |