Prudential Standard CPS 231 Outsourcing
The Australian Prudential Regulation Authority (APRA) is an independent statutory authority that supervises institutions across banking, insurance and superannuation. The APRA Prudential Standard CPS 231 Outsourcing (Prudential Standard) specifies the key requirements that APRA regulated institutions must implement and maintain when they outsource business activities to service providers.
In particular, the Prudential Standard specifies the matters that should be included in the agreement between the regulated institution and their service provider, including requirements on audit and monitoring procedures, termination provisions, sub-contracting, security of information and termination rights.
Google Cloud’s contracts for APRA regulated institutions in Australia address the contractual requirements in the APRA Prudential Standard. We have also created mappings to the standard for both GCP and Google Workspace to assist you with understanding how we can support you with meeting the requirements and assess us as an outsourced service provider. Google Cloud is committed to addressing these requirements regardless of how institutions choose to use our services.