Grant Thornton Australia

Grant Thornton uses cookies to monitor the performance of this website and improve user experience. If you are happy to accept cookies from this site, please check the box. To find out more about cookies, what they are and how we use them, please see our privacy notice, which also provides information on how to delete cookies from your hard drive.

How to be COVIDSafe when visiting Grant Thornton offices. Find out how

Global site
  • Global site
  • Africa
  • Americas
  • Asia Pacific
  • Europe
  • Middle East
Grant Thorton Logo
Grant Thornton Logo Grant Thornton Logo
  • Skip to content
  • Skip to navigation
Contact us
Close Global search
  • Insights
  • Services
  • Industries
  • Meet our people
  • Careers
  • News centre
  • Locations
  • About us
  • Audit
  • Tax
  • Risk
  • Forensics
  • Deals
  • Finance and funding
  • Insolvency
  • Restructuring and turnaround
  • Business services
  • Consulting

  • Market services
  • Asia
  • Indigenous advisory
Audit Home
  • Compliance audits & reviews
  • Audit quality
  • Financial reporting advisory
  • Audit advisory
Insight CPS 234 Tripartite Review – Considerations for APRA-regulated entities
Following the announcement of the CPS tripartite audits in November 2020, APRA began issuing notices to regulated entities to undergo the independent assessment. The reviews are part of APRA’s four year strategy to increase the rigor of compliance with CPS 234: Information Security.
Tax Home
  • Corporate tax & advisory
  • Private business tax & advisory
  • Tax compliance
  • Employment tax
  • International tax
  • GST, stamp duty & indirect tax
  • Tax law
  • Research and development & government incentives
  • Transfer pricing
  • Data transformation and analytics
  • Corporate simplification
Client alert Final round of funding for medtech commercialisation
The second and final round of the Clinical Translation and Commercialisation Medtech (CTCM) program opens on 9 September 2022.
Risk Home
  • Payroll assurance
  • Cyber resilience
  • Internal audit
  • Financial crime
  • Consumer Data Right
  • Risk management
  • Controls assurance
  • Governance
  • Regulatory compliance
Insight CPS 234 Tripartite Review – Considerations for APRA-regulated entities
Following the announcement of the CPS tripartite audits in November 2020, APRA began issuing notices to regulated entities to undergo the independent assessment. The reviews are part of APRA’s four year strategy to increase the rigor of compliance with CPS 234: Information Security.
Forensics Home
  • Forensic accounting and dispute advisory
  • Investigations
  • Digital forensics
  • eDiscovery
Client alert Fair Work Ombudsman releases its strategic priorities and key industry focus for FY23
The Fair Work Ombudsman (FWO) has announced its strategic priorities for 2022-23 including where audit and enforcement activities will be undertaken in relation to wage underpayments.
Deals Home
  • Mergers and acquisitions
  • Acquisition search & strategy
  • Divestments
  • Operational deal services
  • Transaction advisory
  • Business valuations
  • Tax in mergers & acquisition
Insight Tax in M&A: Questions to ask your business and deal team
While Australia has shown strong acquirer appetite and businesses from all industries are finding great success and outstanding returns with their acquisition and divestment strategies, M&A activity now faces an uncertain future.
Finance and funding Home
  • Corporate finance
  • Debt advisory
  • Working capital optimisation
  • Capital markets
  • Capital raising
  • Private equity
  • Financial modelling
  • Payments advisory
Insight Tax in M&A: Questions to ask your business and deal team
While Australia has shown strong acquirer appetite and businesses from all industries are finding great success and outstanding returns with their acquisition and divestment strategies, M&A activity now faces an uncertain future.
Insolvency Home
  • Voluntary administration & DOCA
  • Corporate insolvency & liquidation
  • Complex and international insolvency
  • Safe Harbour advisory
  • Bankruptcy and personal insolvency
  • Creditor advisory services
  • Small business restructuring process
Client alert Can your business leverage the Small Business Restructure process to clean up old debt?
As the economy continues to battle ongoing waves of COVID-19, businesses who are struggling to pay legacy debts may be left wondering what their future might look like.
Restructuring and turnaround Home
  • Independent business reviews
  • Commercial performance
  • Safe Harbour advisory
  • Corporate simplification
  • Director advisory services
  • Debt advisory
Client alert ATO puts up to 50,000 taxpayers on alert for looming Director Penalty Notices
On 28 March, the ATO sent its strongest message on debt enforcement since the COVID-19 pandemic commenced, advising that it is now issuing letters to taxpayers informing them about their potential personal liability for company tax debts under the Director Penalty Notice (DPN) programme.
Business services Home
  • Business planning & strategy
  • Private business company secretarial services
  • Outsourced accounting services
  • Superannuation and SMSF
  • Management reporting
  • Financial reporting
  • Forecasting & budgeting
  • ATO audit support
  • Family business consulting
  • Private business taxation and structuring
  • Outsourced CFO services
Consulting Home
  • Management consulting
  • Financial consulting
Insight Earning trust and building credibility and influence as a CFO
Whether you’ve just secured the coveted role of Chief Financial Officer (CFO) or you’re on the cusp of becoming one, one thing’s for sure: you’re embarking on a high-stakes, high pressure role.
Asia Home
  • China
  • India
  • Japan
  • Case study: Restructuring solutions
  • Agribusiness, Food & Beverage
  • Energy & Resources
  • Financial Services
  • Health & Aged Care
  • Life Sciences
  • Manufacturing
  • Not for Profit
  • Professional Services
  • Real Estate & Construction
  • Retail & Consumer Products
  • Technology, Media & Telecommunications
Agribusiness, Food & Beverage Home
Client alert Fair Work Ombudsman releases its strategic priorities and key industry focus for FY23
The Fair Work Ombudsman (FWO) has announced its strategic priorities for 2022-23 including where audit and enforcement activities will be undertaken in relation to wage underpayments.
Energy & Resources Home
Guidebook A guide to transition from exploration to development and production
A deep dive into the accounting, tax and finance implications as you transition from exploration through development and ultimately, production.
Financial Services Home
Insight CPS 234 Tripartite Review – Considerations for APRA-regulated entities
Following the announcement of the CPS tripartite audits in November 2020, APRA began issuing notices to regulated entities to undergo the independent assessment. The reviews are part of APRA’s four year strategy to increase the rigor of compliance with CPS 234: Information Security.
Health & Aged Care Home
Client alert Final round of funding for medtech commercialisation
The second and final round of the Clinical Translation and Commercialisation Medtech (CTCM) program opens on 9 September 2022.
Manufacturing Home
Insight Investment into innovation encouraging stability in manufacturing
Australian manufacturers have been through difficult times, particularly with the shutdown of the automotive industry, but remaining businesses are proving to be agile and resilient having already battled through lots of challenges. In addition, the accelerating pace of new technologies being introduced, combined with COVID-19 disruption and the Government’s substantial industry support, many manufacturing business models have been fundamentally challenged for the better.
Not for Profit Home
Insight How not-for-profit organisations can shift from ‘survival mode’ into sustainability
We saw COVID threaten the sustainability for many not-for-profit (NFP) organisations, forcing some to make operational changes or to shut their doors, and others to adapt and drive innovation to achieve their mission. But what does it mean to be a sustainable NFP, and how do these organisations then remain sustainable for years to come?
Professional Services Home
Client alert ATO targets “Everett Assignments” by professionals
Following on from the ATO’s guide to professional services firms’ allocation of profits in PCG 2021/4, the ATO has now further tightened its compliance scrutiny of individual professionals’ ability to assign or stream income away from themselves to family members by releasing its compliance approach to so-called Everett assignments.
Real Estate & Construction Home
Insight Infrastructure in Western Australia – a strong and renewed focus on investment
The Western Australian Government has recently handed down its 2022-23 State budget announcing a record $33.9 billion investment in infrastructure over the next four years. The significant investment in infrastructure will not only create a strong pipeline of future economic activity but will shape the way we live and move around the state.
Retail & Consumer Products Home
We are Retail We are Retail
Our senior people have worked in retail for 25 years. That’s 25 years of experience helping some of Australia’s largest and most important businesses to be more successful. Put simply, we implement solutions that grow businesses, and our work makes a positive and profound impact on the lives of millions of people around Australia.
Technology, Media & Telecommunications Home
Client alert Digital Games Tax Offset
Income Tax Assessment Amendment (Digital Games Tax Offset) Bill 2021: Measure for Consultation
  • Careers Home
  • Working at Grant Thornton
  • Student opportunities
  • Experienced careers
  • Contact us
  • Alumni
Working at Grant Thornton Home
  • Flexibility
  • Your career and development
  • Diversity and inclusion
  • In the community
  • What we offer you
Student opportunities Home
  • Graduates
  • Vacationer Program
  • The application process
  • FAQs
  • Student application tips and tricks
  • Positions available
  • Assessment tips & tricks
Experienced careers Home
  • Client spotlight
  • Positions available
    • EN
    • Contact us
    1. Home
    2. Client alerts
    3. 2021
    4. Data recovery: APRA feedback on Cyber Resilience and CPS 234

    Data recovery: APRA feedback on Cyber Resilience and CPS 234

    07 Dec 2021

    Data recovery: APRA feedback on Cyber Resilience and CPS 234

    On Tuesday 23 November 2021, APRA released commentary following the conclusion of its pilot initiatives, the tripartite audit and technology resilience data collection.

    Following APRA’s feedback we first unpacked the expectation for Boards to review and challenge information reported by management on cyber resilience. APRA’s feedback also focuses on ensuring recovery from high-impact cyber attacks.

    According to responses to the data collection, in the past 12 months, more than one third of respondents had not tested their backups for critical systems, and 22% of entities had not tested their cyber incident response plans.

    Boards are encouraged to seek assurance on the entity’s likely ability to recover from a high-impact cyber attack.

    Dealing with a cyber attack, we often turn our minds to an incident response. While relevant, those same response processes and decisions will quickly focus and rely on matters of baseline preparedness, and data backup is a critical component. Boards must recognise and understand that an effective incident response plan must manage the interplay between highly complex non-IT elements e.g. does the Board have a position on paying ransomware demands, and longstanding good practice IT operations e.g. resilient data backups.

    For Boards, understanding which data is backed up, where, how often and when a restoration test was last undertaken may seem trivial, however it is these elements that are the cornerstone of understanding if your entity has a ‘good’ backup or not.

    For Management, being able to answer the Board questions above is imperative. So too is being able to demonstrate through plans, playbooks and practices that data recovery scenarios are well considered, tested and resilient. Above all, management must be able to take confident and decisive action in the event of a high-impact cyber event.

    Security is often thought of as needing complex solutions to opaque and complex risks which are understood by a few specialists. Where data and resilience is concerned nothing could be further from the truth – complete, functioning and tested backups have been a general IT risk management practice for decades. Boards should expect these processes to be well established, well-practiced and reliable.

    For advice on the CPS 234 review and working with your board, please get in touch.

    Matthew Green
    Matthew Green
    Partner Melbourne
    Email address Matthew Green VCard
    View full profile
    Daniel Farthing
    Daniel Farthing
    Partner Sydney
    Email address https://www.linkedin.com/in/daniel-farthing-cpa-mba-3093256/ Daniel Farthing VCard
    View full profile
    Claire Scott
    Claire Scott
    Partner Sydney
    Email address Claire Scott VCard
    View full profile

    Related content

    Board assurance: APRA feedback on Cyber Resilience and CPS 234 November 2021 Read more
    Time to prepare for APRA CPS 234 Tripartite Reviews August 2021 Read more
    Risk Cyber resilience March 2021 Read more

    Subscribe to receive our publications

    Subscribe now to be kept up-to-date with timely and relevant insights, unique to the nature of your business, your areas of interest and the industry in which you operate.

    Subscribe

    Share this page

    • Share this page on Facebook LinkedIn
    • Share this page on Twitter Twitter
    • Share this page on LinkedIn LinkedIn
    • Share this page on Wechat WeChat
    • Share this page via email Email
    • Grant Thornton on Youtube
    • LinkedIn icon
    • Twitter icon
    • Facebook icon
    Connect
    • Contact us
    • Locations
    • Meet our people
    • Subscribe
    • Staff portal
    About
    • Careers
    • News centre
    • Client alerts
    • Grant Thornton Foundation
    • Grant Thornton Affinity
    Legal
    • Privacy
    • Compliance and ethics
    • Modern slavery statement
    • Disclaimer
    • Site map

    © 2022 Grant Thornton Australia Limited – All rights reserved