APRA’s Prudential Practice Guide (PPG234) was originally published in 2010 by the Australian Prudential Regulation Authority (APRA). It provides guidance to regulated financial institutions on how to effectively manage Information and IT security risks.
In September 2013, APRA released the Prudential Practice Guide CPG235 “Managing Data Risk” that identified data risks evident from their ongoing supervisory operations. CPG235 complements the earlier and now renumbered CPG 234 “Management of Security Risk in Information and Information Technology”.
The Huntsman compliance guide contains:
- A summary of the key recommendations from CPG234
- Demonstration of how Huntsman SIEM technology maps to its recommendations
This compliance guide covers the following key concepts:
- IT security risk, IT security monitoring; user monitoring, event logging
- Log Management, compliance monitoring; automated compliance reporting
- Data loss, data leakage, fraud, misuse, access controls, authentication
- Real-time monitoring & incident management; reporting and escalation
- Risk assessment, compliance controls, independent audit, performance monitoring