Search common contracting language and take a deeper dive to discover what each means
This website stores cookies on your computer. These cookies are used to improve your website and to provide more personlised services to you, both on this website and through other media.
To find out more about the cookies we use see our Privacy Policy.
Search common contracting language and take a deeper dive to discover what each means
The Australian Prudential Regulation Authority (APRA) is the prudential regulator of the Australian financial services industry. It is responsible for ensuring the financial safety and soundness of regulated institutions, including banks and insurance companies.
CPS 234 is a regulation that sets out information security requirements for APRA-regulated entities including:
Information Security Roles and Responsibilities: APRA-regulated entities are required to clearly define information security roles and responsibilities for their staff, including the Board and senior management. This includes appointing an accountable person to oversee information security and ensuring that all staff are trained and aware of their information security responsibilities.
Information Asset Identification and Classification: Entities are required to identify and classify their information assets, based on their sensitivity and criticality. This includes personal information, financial information, and any other information that could impact the entity's operations or reputation if it were lost, stolen or compromised.
Control Implementation: Entities must implement appropriate information security controls, based on the sensitivity and criticality of their information assets. This includes both technical and non-technical controls, such as access controls, encryption, backups, incident management and third-party supplier management.
Testing and Assurance: Entities must regularly test and review their information security controls to ensure that they remain effective and appropriate. This includes regular penetration testing, vulnerability assessments, and third-party assurance activities.
Incident Management: Entities must have an effective incident management framework, including processes for identifying, assessing and responding to information security incidents. This includes having clear escalation procedures and notifying APRA of any incidents that meet the threshold for reporting.
Copyright © 2015 - 2025. Gatekeeper™ is a registered trademark.
Before Gatekeeper, our contracts
Anastasiia Sergeeva, Legal Operations Manager, BlaBlaCar
were everywhere and nowhere.
Gatekeeper is that friendly tap on the shoulder,
Donna Roccoforte, Paralegal, Hakkasan Group
to remind me what needs our attention.
Great System. Vetted over 25 other systems
Randall S. Wood, Associate Corporate Counsel, Cricut
and Gatekeeper rose to the top.
Thank you for requesting your demo.
Next Step - Book a Call
Please book a convenient time for a quick call to discuss your requirements.