💼 65 An APRA-regulated institution would usually consider whether information security considerations are appropriately captured in contractual obligations and oversight arrangements. The regulated entity would also consider the scope, depth and independence of any certifications, attestations and assurance provided and take steps to address any limitations identified.
- Contextual name: 💼 65 An APRA-regulated institution would usually consider whether information security considerations are appropriately captured in contractual obligations and oversight arrangements. The regulated entity would also consider the scope, depth and independence of any certifications, attestations and assurance provided and take steps to address any limitations identified.
- ID:
/frameworks/apra-cpg-234/25/65 - Located in: 💼 25 Implementation of controls - Information assets managed by third parties and related parties
Description​
Empty...
Similar​
- Internal
- ID:
dec-c-cd57f490
- ID:
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|