PRM-02
Cybersecurity & Data Protection Resource Management
Description
Mechanisms exist to address all capital planning and investment requests, including the resources needed to implement the cybersecurity and data protection programs and document all exceptions to this requirement.
Control Question
Does the organization address all capital planning and investment requests, including the resources needed to implement the cybersecurity and data protection programs and document all exceptions to this requirement?
Control Metadata
Domain:
Project & Resource Management
Validation Cadence:
Annual
Evidence Request List:
E-PRM-02
Framework Mappings
This control maps to the following compliance frameworks
APRA CPS 230
25
APRA CPS234
1315
MAS TRM
5.1.15.1.25.1.35.1.45.2.15.2.25.5.15.5.2