We provide services and solutions to APRA-regulated entities to help them achieve compliance against the CPS 234 Standard.
When you engage Shearwater, you have the assurance that your security team is tackling security threats with the right structured approach – managing risks and protecting your organisation’s systems around the clock.
We have extensive experience in incident management and incident response preparation, including notification requirements set by the CPS 234 Standard. Our team can also help you to review and test your incident response plan regularly.
Your organisation may be subject to the Notifiable Data Breach (NDB) Scheme, obliging you to notify individuals whose personal information was compromised due to a data breach. We can help you plan your actions and responses, integrating this into your incident response plan and processes.
We can assist in developing and improving your organisation’s information security capability while ensuring it is appropriate to the size of your organisation and the threats it faces. As part of this engagement, we can help you identify your key information assets as well as help with delivery of key policy framework documents.
If your organisation is already compliant (or needs to be compliant) with other information security standards (such as ISO/IEC 27001, PCI DSS or ISM), we can also help you align these standards with your CPS 234 requirements.
Our C-Level Executive Briefings are designed to assist executives of APRA-regulated entities in discerning the requirements of the CPS 234 Standard and understanding how they apply to their organisation.
Our team can review your existing policy frameworks and policies, align policies with both CPS 234 and other security standards, and lead the full development of policies in conjunction with your internal resources.
We can conduct an information asset audit, complete with identification and prioritisation. Furthermore, our team of specialists can assist in segmenting your environment to ensure cost-effective security management.
We can work with your team to develop an overarching Risk Management framework that enables your organisation to effectively uncover, prioritise and manage risks within core systems.
CPS 234 requires that your internal audit activities include a review of the design and operating effectiveness of information security controls. We can provide this capability to your internal audit team or conduct an internal audit on your behalf.
If your organisation’s information assets are managed by a related party or a third party, we can assist you with your CPS-234 obligations for suppliers and evaluate your supplier’s information security controls in line with APRA standards.
We can assist in implementing a suitable testing program and regime to ensure the effectiveness of security controls.
“We chose to engage an Australian company called Shearwater to lead that (IRAP) assessment
because of their reputation for rigour and expertise.”
“Security is an on-going process, and as an IT Security Advisor, I am comfortable with having a peer company like Shearwater to rely upon. If I have an issue or need advice I am confident that Shearwater can provide a pragmatic and cost-effective solution.”
Contact us today to speak to one of Shearwater’s Certified Security Consultants. They have extensive experience in providing guidance for achieving and maintaining accreditation and will be happy to assist you.
Call us on 1300 228 872 or submit the form below
