New APRA Prudential Standard - CPS 234 Information Security

APRA’s new Prudential Standard CPS 234 Information Security aims to ensure that APRA regulated entities are resilient against information security incidents (including cyber-attacks) by maintaining an information security capability commensurate with information security vulnerabilities and threats.

CPS 234 requires APRA-regulated entities to:

• clearly define information-security related roles and responsibilitiesmaintain an information security capability commensurate with the size and extent of threats to their information assetsimplement controls to protect information assets and undertake regular testing and assurance of the effectiveness of controls
• promptly notify APRA of material information security incidents.

UK Corporate Governance Code Released

The UK Financial Reporting Council has released The UK Corporate Governance Code (July 2018).

The Code takes a broader view of governance and emphasises the importance of a healthy corporate culture and constructive relations with a wider range of stakeholders in delivering long-term sustainable success.

The FRC has also made available the following accompanying publications to the 2018 Code:

• Guidance on Board Effectiveness
• Revised UK Corporate Governance Code 2018 highlights.