The 2019 Australian Prudential Regulatory Authority (APRA) information security Prudential
Standard commenced on 1 July 2019.

The aim of the Prudential Standard is to ensure APRA-regulated entities develop resilience
against information security incidents, including cyber-attacks.

APRA advises this can be achieved by ensuring the entity’s information security capability is
actively kept in line with the vulnerabilities and threats to its information assets.

A primary objective of the standard is to minimize the likelihood and impact of information
security incidents on the confidentiality, integrity or availability of information assets, including
any assets managed by related or third parties.