APRA releases prudential practice guide on managing data risk

Download document:

APRA releases prudential practice guide on managing data risk - .PDF file.

By Alec Christie and Rose Bollard

The Australian Prudential Regulation Authority (APRA) has issued the final version of its new prudential practice guide, Prudential Practice Guide CPG 235 — Managing Data Risk. The data guide aims to assist financial institutions, general and life insurance companies and superannuation funds regulated by APRA to manage their data risks. This final version of the data guide has few changes from the draft released in December 2012.

The data guide complements APRA’s earlier IT security guide, Prudential Practice Guide CPG 234 — Management of Security Risk in Information and Information Technology.

The data guide focuses on common ‘weak areas’ of data risk management identified by APRA through its ongoing supervisory activities of entities. This targeted approach means the data guide is relevant to all entities — whether by providing alerts to new risks or guidance to improve current practices. It also signals that APRA’s current focus and efforts will be directed to the monitoring and enforcement of compliance by entities with the data guide…

If you are registered and logged in to the site, click on the link below to read the DLA Piper briefing. If not, please register or sign in with your details below.