Australia Coat of Arms
APRA Logo
APRA Logo
copyright privacy disclaimer sitemap  
Advanced search    
 
         
 
     
  Home  
  About APRA  
  Careers  
  Policy  
  Research  
  Legislation  
  Statistics  
  Disqualification Register  
  Media Releases  
  Speeches  
  Submissions  
  APRA Insight  
  Non-Regulated Entities  
  Links  
  Contact APRA  
  Brian Gray Scholarship Program  
  Providing information and feedback to APRA  
  Whistleblowers  
  Graduate Program  
     

[2009]  [2008]  [2007]  [2006]  [2005]  [2004]  [2003]  [2002]  [2001]  [2000]  [1999]  [1998] 

Media Releases
APRA releases guidance on the management of security risk in information and information technology

Monday, 01 February 2010
No. 10.02
For Immediate Release

The Australian Prudential Regulation Authority (APRA) has today published a prudential practice guide (PPG) on the management of security risk in information and information technology (IT) by institutions supervised by APRA.

A draft PPG and discussion paper on this topic were released for public consultation on 8 May 2009 as PrudentialPractice Guide PPG 234 Management of IT Security Risk. Response to the consultation package was positive and no material issues were raised.     

The final PPG aims to target areas where APRA’s ongoing supervisory activities continue to identify weaknesses. Topics addressed include the importance of an overarching framework, systematic IT asset life-cycle management, effective monitoring processes and robust IT security reporting and assurance mechanisms. 

The PPG is designed to provide guidance to senior management, risk management and IT security specialists (management and operational). It does not seek to provide an all-encompassing framework nor to replace or endorse existing industry standards and guidelines.  

Prudential Practice Guide PPG 234 Management of Security Risk in Information and Information Technology is available on the APRA website at: http://www.apra.gov.au/Policy/upload/PPG_PPG234_MSRIT_012010_v7.pdf

The Australian Prudential Regulation Authority (APRA) is the prudential regulator of the financial services industry. It oversees banks, credit unions, building societies, general insurance and reinsurance companies, life insurance, friendly societies, and most members of the superannuation industry. APRA is funded largely by the industries that it supervises. It was established on 1 July 1998. APRA currently supervises institutions holding approximately $3.6 trillion in assets for 22 million Australian depositors, policyholders and superannuation fund members.

Media and industry enquiries only:                               
Andrew McCutcheon
Public Affairs Manager
Australian Prudential Regulation Authority
Telephone: 02 9210 3143  
Mobile: 0417 528 660

All other enquiries:         
APRA Contact Centre 1300 131 060 


Authorised Deposit-Taking Institutions | General Insurance | Superannuation | Life Insurance | Friendly Societies

Australian Prudential Regulation Authority