APRA wants to hear about IT security risks
The Australian Prudential Regulation Authority (APRA) is seeking input on an information technology (IT) security risk guide – even though it isn’t intended to replace current industry standards.
Interested parties have until June 5 to make submissions on APRA’s draft prudential practice guide on the management of IT risks by its regulated institutions.
APRA says the draft guide outlines the measures regarded as sound practice, and addresses areas where IT security risk management weaknesses continue to be identified.
“The [guide] is not intended to replace existing industry standards and guidelines on IT security,” the regulator said in a statement.
“Instead, it provides a set of sound principles for safeguarding IT assets by managing risks and implementing appropriate controls.”
The guide is intended for use by senior management, risk management and security specialists (management and operational).
Interested parties have until June 5 to make submissions on APRA’s draft prudential practice guide on the management of IT risks by its regulated institutions.
APRA says the draft guide outlines the measures regarded as sound practice, and addresses areas where IT security risk management weaknesses continue to be identified.
“The [guide] is not intended to replace existing industry standards and guidelines on IT security,” the regulator said in a statement.
“Instead, it provides a set of sound principles for safeguarding IT assets by managing risks and implementing appropriate controls.”
The guide is intended for use by senior management, risk management and security specialists (management and operational).