💼 34 Internal audit - Use of assurance reports from third parties

Contextual name: 💼 34 Internal audit - Use of assurance reports from third parties
ID: /frameworks/apra-cpg-234/34
Located in: 💼 APRA CPG 234

Description

Empty...

Section	Sub Sections	Internal Rules	Policies	Flags
💼 86 Under CPS 234, an APRA-regulated entity’s internal audit function must assess the information security control assurance provided by a third party or related party in certain circumstances. Where that assessment identifies material deficiencies in the information security control assurance provided by the third party or related party, or no assurance is available, this would typically be highlighted in reporting to the Board.