au-apra-cps-234-expertlisted

# APRA CPS 234 Expert Reference-depth expertise for **APRA Prudential Standard CPS 234 Information Security**, represented in SCF as `apac-aus-ps-cps-234-2019`. This plugin bundles the SCF crosswalk (52 SCF controls to 38 framework controls) with CPS 234-specific assessment context. ## Framework Identity - **SCF framework ID**: `apac-aus-ps-cps-234-2019` - **Region**: APAC - **Country**: AU - **Regulator**: Australian Prudential Regulation Authority (APRA) - **Common shorthand**: APRA CPS 234 - **Current assessment baseline**: Prudential Standard CPS 234 Information Security, effective July 1, 2019 ### Framework In Plain Language CPS 234 is APRA's prudential information security standard for regulated financial entities. It requires information security capability that is commensurate with threats, vulnerabilities, and the sensitivity and criticality of information assets. For GRC work, treat CPS 234 as an accountability and resilience framework: the assessor needs to see clear information-asset ownership, tested controls, incident response readiness, and board-level oversight of material information security risk. ### Territorial Scope And Applicability CPS 234 applies to APRA-regulated entities, including authorised deposit-taking institutions, general insurers, life insurers, private health insurers, RSE licensees, and other regulated groups within APRA's prudential perimeter. Scope analysis should identify information assets managed directly, by related parties,