×

Warning

JUser: :_load: Unable to load user with ID: 3667
Wednesday, 12 December 2012 08:53

APRA warns on data risks

By

The Australian Prudential Regulation Authority (APRA) has issued a draft guide for banks, insurers and superannuation companies about the need to properly manage data risks that will have implications for organisations considering outsourcing or moving data to the cloud.

The industry has until the end of March to make submissions regarding the draft code.

The Draft Prudential Practice Guide released by APRA states clearly that it is not intended as an all-encompassing framework governing data management, rather it offers a series of guidelines regarding monitoring and managing data risk.

The far from prescriptive approach taken by the Guide allows organisations to assess their own appetite for data risk. While it does not outlaw outsourcing, offshoring or use of cloud services it notes that risk could be magnified through offshoring as a result of “control framework variations, lack of proximity, reduced corporate allegiance, geopolitical risks and jurisdictional-specific requirements.”

It notes that; “APRA expects a regulated institution to apply a cautious and measured approach when considering retaining data outside the jurisdiction it pertains to. It is important that a regulated institution is fully aware of the risks involved and makes a conscious and informed decision as to whether the additional risks are within its risk-appetite.”

Whatever solution an organisation selects APRA has made clear that it would expect an institution to be able to continue operations regardless of the situation of its outsourcer, offshorer or cloud provider. It also requires proper maintenance of data and compliance with legislative and prudential requirements.

APRA also indicated that organisations needed to ensure there were no jurisdictional hurdles or technical complications that would stall APRA from being able to access data as required to fulfil its prudential  obligations.

The draft guide also points to the risks that may be introduced by allowing end users to bring or develop their own technology. It notes that traditional data management policies may not be able to adequately manage the risk that this introduces, and special attention and policies might be required.

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments