The latest resilience news from around the world

The Australian Prudential Regulation Authority (APRA) has released a new Prudential Standard, CPS 230 Operational Risk Management. This will direct how regulated entities manage operational risk, resilience, and business continuity.

CPS 230 Operational Risk Management (CPS 230) provides a foundation for APRA-regulated entities to: 

  • Strengthen operational risk management through new requirements to address identified weaknesses in existing controls; 
  • Improve business continuity planning to ensure they are positioned to respond to severe disruptions; and 
  • Enhance third-party risk management by ensuring risks from material service providers are appropriately managed.  

APRA has also released a consultation process for CPG 230, a Prudential Practice Guide that will assist organizations with their CPS 230 compliance activities.

CPS 230 compliance will be required by 1 July 2025. 

APRA Chair John Lonsdale said:

“The need for APRA’s new standard has been demonstrated by a number of recent operational risk control failures and disruptions, including material cyber breaches. This new standard will ensure that regulated entities set and test controls and maintain robust business continuity plans to respond if disruptions do occur. 

“We expect regulated entities to be proactive in preparing for implementation, rather than waiting until the last minute to get ready to meet the new requirements. There will be a transition phase for existing contractual arrangements with material service providers for entities that need some flexibility,” Mr Lonsdale said. 

More details.

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.