On this page💼 29 Incident management - Third parties and related parties ID: /frameworks/apra-cpg-234/29 Description​ Empty... Similar​ Internal ID: dec-b-4139c4ab Sub Sections​ SectionSub SectionsInternal RulesPoliciesFlagsCompliance💼 75 In APRA’s view, a regulated entity would benefit from agreeing each party’s roles and responsibilities where incident response requires collaboration and coordination between the regulated entity and third parties or related parties. This could involve formalisation of points of integration between third party and related party incident response plans and involvement of third parties and related parties in incident response testing.no data💼 76 APRA-regulated entities that place reliance on the information security capabilities of third parties and related parties as part of a broader service provision arrangement would typically seek evidence of the periodic testing of incident response plans by those parties.no data