# Operational Best Practices for APRA CPG 234
<a name="operational-best-practices-for-apra_cpg_234"></a>

Conformance packs provide a general-purpose compliance framework designed to enable you to create security, operational or cost-optimization governance checks using managed or custom AWS Config rules and AWS Config remediation actions. Conformance Packs, as sample templates, are not designed to fully ensure compliance with a specific governance or compliance standard. You are responsible for making your own assessment of whether your use of the Services meets applicable legal and regulatory requirements.

The following provides a sample mapping between the Australian Prudential Regulation Authority (APRA) CPG 234 and AWS managed Config rules. Each Config rule applies to a specific AWS resource, and relates to one or more APRA CPG 234 controls. An APRA CPG 234 control can be related to multiple Config rules. Refer to the table below for more detail and guidance related to these mappings.

This sample conformance pack template contains mappings to controls within APRA CPG 234 2019, which was created by the Commonwealth of Australia and can be found at [Prudential Practice Guide: CPG 234 Information Security](https://www.apra.gov.au/sites/default/files/cpg_234_information_security_june_2019_1.pdf). Licensing of the framework under Creative Commons Australia Attribution 3.0 Licence and copyright information for the framework (including a disclaimer of warranties) can be found at [APRA \$1 Copyright](https://www.apra.gov.au/copyright).


****  
[\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/config/latest/developerguide/operational-best-practices-for-apra_cpg_234.html)

## Template
<a name="apra_cpg_234-conformance-pack-sample"></a>

The template is available on GitHub: [Operational Best Practices for APRA CPG 234](https://github.com/awslabs/aws-config-rules/blob/master/aws-config-conformance-packs/Operational-Best-Practices-for-APRA-CPG-234.yaml).