top of page
Search

CPS230 and IBM OpenPages

  • Writer: Alexander Fiedler
    Alexander Fiedler
  • Apr 27, 2023
  • 2 min read

APRA’s upcoming Prudential Standard CPS 230 Operational Risk Management will require APRA regulated entities to enhance processes and and reporting in the following areas:

  1. Enhancing Operational Risk Management by:

    1. Ensuring assessment processes adequately reflect how the introduction of new components such as products/services or technologies change operational risk profiles

    2. Focusing on maintaining effective control environments to adequately manage the respective business

    3. Greater focus on timely remediation of operational risk incidents as well as reporting to APRA of any material Incidents within 72 hours.

  2. Uplift of Business Continuity Management by:

    1. Identifying critical business processes that will not only can cause significant disruptions to the business itself but to the wider market and customers.

    2. Clearly articulating tolerance levels for critical processes

    3. Performing Business Continuity planning and documentation of not only standard scenarios but also more extreme and less likely scenarios (e.g. pandemics)

  3. Improving the Management of Third parties by:

    1. Extending the scope from Third parties to Fourth parties that are engaged by Third parties in the support critical processes

    2. Providing annual reporting on Material Third parties

    3. Ongoing reporting of changes in materiality of these parties.


According to APRA the effective date is intended to be moved to 1 July 2025 (link). While this will give organisations more time to develop and implement the changes there will likely be more scrutiny to see the changes implemented and operating in full.


As with any change, in the business processes and documentations will need to be underpinned by suitable technology. This is where the IBM OpenPages with Watson GRC platform provides a number of capabilities such as the Third Party Risk Management and Business Continuity Management modules to support these processes and Kairos Risk Solutions can help you implement the requirements in the most effective way. If you are interested in finding out more, please get in touch via our contact form or via LinkedIn.




 
 
 

Recent Posts

See All

Comments

bottom of page