The Australian Prudential Regulatory Authority (APRA) has updated its risk management requirements and mitigation techniques1, making it faster and easier to get to cloud.
FSIs across Australia can ensure their AWS implementation meets key technology control guidelines by using Accenture Security Framework for AWS.
The Framework provides a mechanism for Australian FSIs to leverage the flexibility, agility and cost savings of cloud to:
For each of the technology key control requirements, Accenture Security Framework for AWS summarises the applicable AWS services and how they can be arranged to help FSIs address the key controls listed by APRA.
The Accenture Security Framework for AWS leverages agile development methodologies coupled with AWS services. By using the Framework, FSIs will be able to manage material workloads in AWS by employing security controls using familiar mechanisms, specifically aligned to the areas recommended by APRA.
Build a secure and resilient AWS platform that supports all workloads within your organisation. Manage data securely while supporting the adoption of cloud-native development and security technique.
In July 2015, APRA published an Information Paper on Outsourcing and Cloud to establish risk mitigation for compliant solutions adopted on cloud. The Accenture Security Framework for AWS and how it relates to the APRA guidelines removes uncertainty by providing a method to design and configure AWS services to address the key technology controls described in the Information Paper and CPG 234 – “Management of Security Risk in information and Information Technology.”