“With MyCISO we finally have complete visibility of our program. We can see progress in real time, keep improving, and engage our staff through training — instead of waiting for the next consultant review.”
CPS 230: A Premier Cybersecurity Framework
The world of cybersecurity is ever-evolving, and with the advancements in technology, the need for robust, adaptable frameworks to secure cyberspace has never been more critical. In this landscape, CPS 230 emerges as a pivotal guideline, designed to fortify the resilience and security of information systems across various sectors. Developed by the Australian Prudential Regulation Authority (APRA), CPS 230 is a testament to the authority’s commitment to enhancing the cybersecurity posture of organisations under its purview, including banks, insurance companies, and other financial institutions.
CPS 230 is meticulously crafted to meet the needs of Chief Information Security Officers (CISOs), security professionals, IT managers, and other stakeholders involved in the governance and management of information security risks.
Key Security Domains Covered
The MyCISO Getting Started Framework includes 20 controls that align to the following security domains:
Governance and Risk Management: Establishes the need for a robust governance framework, with senior management actively overseeing the cybersecurity initiatives and risk management processes.
Personnel Security: Focuses on securing human resources through screening, continuous training, and awareness programs to mitigate insider threats.
Physical Security: Emphasises protecting physical assets and infrastructure from unauthorised access or damage.
System Hardening and Configuration: Advocates for implementing secure configurations, regular updates, and patches to software and systems to minimise vulnerabilities.
Access Control: Stresses the importance of managing access to information and systems through authentication, authorisation, and accounting practices.
Cryptography: Recommends the use of strong cryptography to protect the confidentiality, integrity, and availability of information.
Incident Response: Provides guidance on developing and implementing an effective incident response plan to quickly detect, respond to, and recover from security incidents.
MyCISO recommends selecting a larger and more comprehensive framework upon completing MyCISO Getting Started.
What our clients have to say
Take a look at what people have to say about using MyCISO.
“Working with MyCISO gave us structure and speed — turning ambition into a practical, achievable improvement program.”
“MyCISO gave us the clarity and structure to manage cyber risks across a complex healthcare portfolio, while keeping compliance simple and transparent.”
“MyCISO enabled us to scale our security program across multiple health entities, providing clarity, consistency, and confidence to our executives and regulators.”
“MyCISO gave us a structured, objective way to demonstrate our maturity to governing committees. The platform’s reporting not only aligned us with multiple standards but also gave clarity and confidence at the executive level.”
“It just simplified something that was traditionally too hard for me – or anyone in my position – to undertake themselves. The clarity, simplicity, and cost-effectiveness were game changers.”