Skip to content
Request a demo

Downloadable checklist

CPS 230 readiness checklist.

APRA’s CPS 230 standard introduces significant new requirements for operational risk management, business continuity, and third-party risk management. Entities must ensure ongoing compliance with these standards to meet regulatory expectations. But beyond just compliance, CPS 230 presents an opportunity to embed resilience, streamline risk governance, and improve risk oversight.

Our CPS 230 readiness checklist is a structured self-assessment tool designed to help organisations evaluate their compliance status, identify gaps, and prioritise remediation efforts before regulatory scrutiny begins. The checklist provides a clear, step-by-step evaluation of key CPS 230 requirements, allowing organisations to track their progress, address high-risk areas, and ensure governance, risk, and compliance (GRC) frameworks are aligned with APRA’s expectations.

By using this checklist, you will gain a clear picture of your readiness level, receive actionable insights on areas needing improvement, and develop a roadmap for compliance and resilience

What the readiness checklist covers

The checklist is structured across CPS 230’s three key compliance areas, enabling you to measure
your organisation’s preparedness in each area:

  • Operational risk management
  • Business continuity and resilience
  • Service provider and third-party risk management

The checklist allows you to score your organisation’s compliance readiness, with responses indicating whether:

  • You are fully compliant and well-prepared
  • You are on track but have some gaps that need addressing
  • You may face compliance risks and require urgent action before APRA’s deadline

Reasons to download 

  • Measure your compliance status against CPS 230’s key requirements, ensuring your risk, resilience, and governance frameworks align with regulatory expectations
  • Identify regulatory gaps that could put your organisation at risk, addressing weaknesses in operational risk management, business continuity, and third-party oversight
  • Prioritise key actions to strengthen governance, internal controls, and resilience, creating a structured plan to meet CPS 230 obligations efficiently
  • Ensure your third-party risk management aligns with APRA’s expectations by assessing vendor compliance, monitoring service providers, and implementing due diligence processes
  • Move beyond compliance by embedding CPS 230’s principles into a proactive risk management strategy that enhances long-term operational resilience and regulatory readiness

Who should download this

This checklist is essential for:

  • Risk and compliance leaders: Ensure governance structures align with APRA’s requirements and demonstrate compliance readiness
  • Business continuity and resilience managers: Strengthen operational resilience and crisis response capabilities
  • CROs and senior executives: Gain strategic oversight of compliance efforts and integrate risk frameworks into broader business strategy
  • Third-party risk and procurement teams: Ensure material service providers meet regulatory standards and mitigate supply chain risks
  • Internal audit: Prepare for regulatory assessments with a structured compliance approach

How Protecht can help

Managing compliance manually is complex, resource-intensive, and time-consuming. Protecht ERM provides a streamlined solution to help organisations embed CPS 230 compliance into their risk, compliance, and resilience frameworks.

  • Automate compliance tracking for CPS 230’s requirements
  • Strengthen governance with real-time reporting and dashboards
  • Improve third-party risk oversight and streamline due diligence
  • Integrate business continuity planning with risk assessments and resilience testing
See how Protecht can help your organisation simplify CPS 230 compliance. 
Back to list