⭐ Repository → 💼 APRA CPG 234

💼 24 Implementation of controls - Emerging technologies

• ID: /frameworks/apra-cpg-234/24

Description

Empty...

Similar

• Internal
  • ID: dec-b-ad233763

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 60 New technologies potentially introduce a set of additional information security vulnerabilities, both known and unknown. An APRA-regulated entity would typically apply appropriate caution when considering the introduction of new technologies.					no data
💼 61 Typically, an APRA-regulated entity would only authorise the use of new technologies in a production environment where the technology:	2				no data
💼 61a has matured to a state where there is a generally agreed set of industry-accepted controls to manage the security of the technology;					no data
💼 61b compensating controls are sufficient to reduce residual risk within the entity’s risk appetite.					no data
💼 62 An APRA-regulated entity could find it useful to develop a technology authorisation process and maintain an ‘approved technology register’ to facilitate this. The authorisation process would typically assess the benefits of the new technology against the impact of an information security compromise, including an allowance for uncertainty.					no data