This standard requires an entity to effectively manage its operational risks.| handbook.apra.gov.au
Information security, cybersecurity and privacy protection — Information security management systems — Requirements| ISO
