💼 e. minimising the collection of sensitive customer information beyond what is relevant to the business activities undertaken. This includes customer information used for the purposes of authentication, such as passwords/PINS.
- Contextual name: 💼 e. minimising the collection of sensitive customer information beyond what is relevant to the business activities undertaken. This includes customer information used for the purposes of authentication, such as passwords/PINS.
- ID:
/frameworks/apra-cpg-234/f/1/e - Located in: 💼 1 Products and services delivered via digital channels can introduce additional information security vulnerabilities which, if exploited, could result in potentially material information security incidents impacting beneficiaries. APRA-regulated entities would typically implement preventative, detective and response controls commensurate with these risks. Common controls include:
Description​
Empty...
Similar​
- Internal
- ID:
dec-c-bf70c0ec
- ID:
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|