Skip to content

CPS 230 webinar

The road to CPS 230: Getting your critical operations and tolerance levels in order.

Webinar on demand

Are you ready for CPS 230? The full standard doesn’t come into effect until mid-2025, but APRA’s July 2024 date for entities to define critical operations, and identify material service providers is rapidly approachingwith defining tolerance levels set to follow.

This webinar, led by Protecht's Michael Howell and Hela Ebrahimi, will provide you with the practical steps and insights needed to navigate these requirements successfully. The webinar will guide you through the complexities of CPS 230, ensuring your organisation not only meets regulatory expectations but improves operational resilience and outcomes.

This webinar is the first of a new series designed to prepare your organisation for the CPS 230 compliance journey.

Key topics covered will include:

  • APRA's timeline and expectations for July 2024 and beyond
  • Practical steps for identifying critical operations within your organisation.
  • Key considerations in setting robust tolerance levels
  • Governance requirements, including data capture and approval accountabilities
  • The role of material service providers in achieving CPS 230 compliance

Whether you're just starting to map out your critical operations or looking to refine your tolerance levels and governance processes, register now to lay the groundwork for a comprehensive approach to compliance.


Michael Howell

Research and Content Lead, Protecht

Hela Ebrahimi

Senior Risk Consultant, Protecht

Register to join our webinar

Information and topics covered 

"Understanding and implementing the CPS 230 requirements is not just about compliance; it's about strengthening the resilience and operational integrity of your organisation." - Michael Howell, Research & Content Lead, Protecht

Are you prepared for APRA’s CPS 230 standard on operational risk? APRA have been clear on multiple occasions that entities should not be sitting on their hands. While the full standard doesn’t come into effect until July 2025, entities should already be on their way to defining critical operations, setting tolerance levels, and identifying material service providers.

This requires a new way of thinking. Critical operations shifts beyond silos, systems and processes to the outcomes that must be delivered to your stakeholders. Defining tolerance looks beyond a traditional approach of how disruption affects your internal financial or performance targets, forcing you to look through an external lens. Only through an understanding of the resources required to deliver your critical operations can you truly identify the material service providers.

This webinar will demystify the process of becoming CPS 230-ready. With the deadline looming, many organisations feel the pressure to comply but lack clarity on where to begin or how to proceed. We will break down the standard into manageable steps, offering practical advice and real-world examples to illustrate how to effectively meet APRA's expectations.

What you will learn 

  • How to accurately define your critical operations in line with CPS 230 requirements.
  • Strategies for setting and managing tolerance levels that integrate with your business continuity and risk management goals.
  • The importance of governance when defining critical operations and tolerance levels, including who should be accountable and how to capture necessary data.
  • Ways to leverage your understanding of critical operations to identify and manage material service providers effectively.

Target audience

This webinar is aimed at all CPS 230 regulated entities, especially:

  • Chief Compliance Officers and compliance managers seeking to navigate the compliance landscape efficiently.
  • Chief Risk Officers and risk managers looking to enhance their risk management frameworks in light of CPS 230.
  • Supplier risk managers and procurement teams involved in managing third-party relationships and risks.
  • IT security professionals focused on safeguarding operational and information security within the compliance framework.
  • Material service providers to CPS 230 regulated entities, including underwriting agencies, technology companies, debt collection agencies, law firms, and outsourced call centres, who play a crucial role in their clients' compliance ecosystems.

About the presenters

Research and Content Lead, Protecht

Michael Howell is Protecht's Research and Content Lead. He is passionate about the field of risk management and related disciplines, with a focus on helping organisations succeed using a ‘decisions eyes wide open’ approach.

Michael is a Certified Practicing Risk Manager whose curiosity drives his approach to challenge the status quo and look for innovative solutions.


Senior Risk Consultant, Protecht

Hela Ebrahimi is a seasoned Risk Consultant with over 15 years of experience in risk management and legal compliance. She is renowned for her passion and expertise in bringing risk management strategies to life.

Her client portfolio spans diverse industries, including insurance, banking, utilities, not-for-profits, and education, where she collaborates with stakeholders to identify, assess, and mitigate risks using Protecht's technology and industry best practices.