💼 74 Under CPS 234, an APRA-regulated entity must annually review and test its information security response plans to ensure they remain effective and fit-for-purpose. It is important that the success criteria for such tests are clearly defined, including the circumstances under which re-testing would be required. Test results could be reported to the appropriate governing body or individual, with associated follow-up actions formally tracked and reported.
- Contextual name: 💼 74 Under CPS 234, an APRA-regulated entity must annually review and test its information security response plans to ensure they remain effective and fit-for-purpose. It is important that the success criteria for such tests are clearly defined, including the circumstances under which re-testing would be required. Test results could be reported to the appropriate governing body or individual, with associated follow-up actions formally tracked and reported.
- ID:
/frameworks/apra-cpg-234/28/74 - Located in: 💼 28 Incident management - Incident response testing
Description​
Empty...
Similar​
- Internal
- ID:
dec-c-73099f80
- ID:
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|