APRA Expectations on Cyber Security and the Importance of Backups

Cyber resilience is one of APRA’s supervision priorities. As the cyber threat landscape continues to evolve and escalate, all APRA-regulated entities must stay vigilant and proactively implement strategies to mitigate the risk and impact of potential cyber-attacks.

A key topic where APRA has observed weakness is the use of data backups to protect an entity against data loss.

On 3 June 2024 APRA published a letter to all APRA regulated entities on the issue of backups – stating “APRA notes through recent supervisory activities that although many entities have backup practices in place, APRA has observed common problems that can limit the usefulness of these backups in restoring systems during an incident”.

APRA’s letter and Appendix covers some common issues in backup practices – including insufficient segregation between production and backup environments, and lack of control testing coverage to ensure backups are protected.

Prudential Standard CPS 234, Information Security, and Prudential Practice Guide 234 provide both guidance and requirements for information security.

For easy to navigate digital versions of every financial services regulation, sign up for your free version of RegulationCity here.

RegulationCity Logo

Thank you for subscribing to the RegulationCity newsletter. We look forward to keeping you up to date with developments, and we look forward to your feedback.

 

The RegulationCity Team.

Translate

RegulationCity includes a translate function – enabling translation of any document
into any one of 100 languages. To translate a document, simply select the language.
10 flags are displayed in the right hand navigation – and all other languages are
accessible from a drop down list.,

Translate

Glossary Terms

Every Regulation in RegulationCity has a glossary of terms that will appear as pop up definitions – when you run your mouse over a term that appears in green in the text.
Glossary Terms

Version Comparison

RegulationCity display the latest version of a regulation – and gives you the option to view a previous version. To view a previous version of a regulation, select Previous Version from the About the Document card.

Click on Compare Versions to see both version of the Regulation.

The regulation will display with
– Deleted content highlighted in Red
– New Content highlighted in Green

Version Comparison

AI Summary

Every regulation in RegulationCity has been summarised to enable you to see a short
summary of the document content.

Click on View Summary in the Revealr AI box in the top right navigation.

The document summary will generate on the screen.

AI Summary

AI Query

To select the document you wish to query, either select from the drop down list or enter the name of the document.

Enter the query in the text box at the bottom of the page. The results of your query will then display – together with a link to all the sources used for the query response.

A key feature of RegulationCity is that queries are conducted in a secure environment. RegulationCity does not reference any sources outside the trusted environment of the Revealr Digital Twin to respond to your query. As a result you can be confident that the query uses only the Regulation selected to answer your question.

AI Query

Related Documents & Sections

Every document and section in RegulationCity is linked to related content – Acts and Regulations for example.

To access a related document, simply click on the document in the Related Documents card in the right hand navigation.

Clicking on the Related document opens this document in a new tab- making it easy to move between documents – with no searching or downloads.

Related Documents

Within most regulations, reference will be made to sections of related documents.

RegulationCity makes accessing related sections simple – with a single click from
the right hand navigation.

The page featuring the related section opens in a new tab.

Classification Tags

With over 60,000 pages of content, RegulationCity is a content rich site covering a vast range of regulatory matters. Our Digital Twin technology creates a tag cloud on every page – highlighting the key terms on that page – based upon frequency.


Clicking on a tag opens a list of all the documents within RegulationCity where this term appears.

Classification Tags

Navigating a Regulation

Navigation to any section of any document is designed to be very simple – clicking on the left hand navigation. This is built automatically from the table of contents of the document.

The main headings (heading 1) are accessed directly from the navigation. Sub- headings will drop down as soon as the plus sign to the right of the heading is clicked. 

Navigating Regulations

Finding Regulations

There are 2 ways to find a regulation. – either from the Regulator or using Search

Click on the Regulator from the Home Page. This will open a modal of all the Regulations that are published for this regulator.

The document will open as a series of web pages. Click on the left hand navigation to access any page of the document. No more downloads or long scrolling through documents.

Finding Regulations

If you are not sure which regulator is responsible for the regulation, enter the name of the document in the search bar on the home page.

RegulationCity will display a list of documents that meet your search criteria. Click on the document name and RegulationCity will display the document.

Search

Not ready to sign up today?

Enter your email for our special offer for new members.