Navigating APRA Compliance with a Strong Identity Partner

Okta has created new APRA Compliance with Okta resources to assist our APRA-regulated customers in complying with both CPS 230 and CPS 234. 

Our aim is to help our customers fasttrack their due diligence process, improve audit efficiency, and confidently navigate this complex regulatory landscape. To learn more and access these resources, visit the Okta Security Trust Center.

While Okta is not an APRA-regulated entity, our platforms and security posture are designed to assist our regulated customers in meeting their obligations under the standards outlined within CPS 230 and CPS 234. Our APRA resources directly demonstrate how the Okta and Auth0 Platforms align with APRA-regulated customer compliance obligations.

Okta’s security framework is built to meet the rigorous demands of global standards, including ISO 27001, CSA STAR and SOC 2 Type II as well as being assessed at the PROTECTED level for IRAP. This robust foundation is what allows us to confidently support APRA-regulated entities. Our APRA Compliance with Okta resources outline Okta’s security practices and controls, demonstrating their comprehensive alignment with the principles and analogous requirements stipulated within CPS 230 and 234, encompassing both the Okta and Auth0 Platforms. All applicable requirements are mapped to the Okta Control Library, giving a clear view of how our platforms contribute to overall compliance.

Okta operates on a shared responsibility model, providing highly secure and resilient platforms.  Our documents clearly outline these responsibilities, empowering customers to configure and manage their Okta services effectively. 

For more information, visit our Security Trust Center, to access our latest independent audit reports, certifications, and other key resources.

Okta’s partnership-first approach extends to our innovative pooled audit program, which provides APRA-regulated customers the opportunity to be involved in collaborative audit sessions and helps us proactively meet customer needs while setting a new standard for partnership and trust at scale.

Disclaimer: While this article discusses certain legal concepts, it does not constitute legal advice. It is provided for informational purposes only. For legal advice regarding your organization's compliance needs, please consult your organization's legal department. Okta makes no representations, warranties, or other assurances regarding the content of this article. Information regarding Okta's contractual assurances to its customers can be found at okta.com/agreements.