APRA releases “guidance on the management of security risk in information and information technology “
APRA has released what they dub as a “prudential practice guide” – “on the management of security risk in information and information technology (IT) by institutions supervised by APRA”. Press release and document here.
It will be interesting to see how the “guideline” adoption will go. Similar to the Monetary Authority of Singapore’s “Internet Banking and Technology Risk Management Guidelines“, but a decade behind, and packing what seems to be no real regulatory push nor enforcement like that in Singapore.
———————————————————————————————-
Securus Global: IT Security, Penetration Testing, Security Assessments, PCI Compliance, Product Assurance, QualysGuard, Security Strategy, Vulnerability Assessment.
Posted in Risk Management, governance | 2 Comments »



