πΌ 44c loss of, or unauthorised access to, encryption keys safeguarding extremely critical or sensitive information assets.
- Contextual name: πΌ 44c loss of, or unauthorised access to, encryption keys safeguarding extremely critical or sensitive information assets.
- ID:
/frameworks/apra-cpg-234/16/44/c - Located in: πΌ 44 APRA-regulated entities could consider low likelihood scenarios, which could result in an extreme impact to the regulated entity (i.e. plausible worst case). Extreme impacts can be financial or non-financial (e.g. reputational or regulatory), potentially threatening the ongoing ability of the APRA-regulated entity to meet its obligations.
Descriptionβ
Empty...
Similarβ
- Internal
- ID:
dec-c-5f881048
- ID:
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (10)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS ACM Certificate Expired π’ | 1 | π’ x6 |
| π AWS IAM Server Certificate is expired π’ | 1 | π’ x6 |
| π AWS IAM User Access Keys are not rotated every 90 days or less π’ | 1 | π’ x6 |
| π AWS IAM User has more than one active access key π’ | 1 | π’ x6 |
| π AWS KMS Symmetric CMK Rotation is not enabled π’ | 1 | π’ x6 |
| π Azure Non-RBAC Key Vault stores Keys without expiration date π’ | 1 | π’ x6 |
| π Azure Non-RBAC Key Vault stores Secrets without expiration date π’ | 1 | π’ x6 |
| π Azure RBAC Key Vault stores Keys without expiration date π’ | 1 | π’ x6 |
| π Azure RBAC Key Vault stores Secrets without expiration date π’ | 1 | π’ x6 |
| π Azure Storage Account Access Key Rotation Reminders are not enabled π’ | π’ x3 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-0feec790 | 2 | |
| βοΈ dec-x-4d6fee7a | 1 | |
| βοΈ dec-x-12a85339 | 1 | |
| βοΈ dec-x-82ca4127 | 2 | |
| βοΈ dec-x-689858b5 | 1 | |
| βοΈ dec-x-30795016 | 1 | |
| βοΈ dec-x-b6d97943 | 1 | |
| βοΈ dec-x-bcb0c78f | 1 |