amr/hermes-brain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d938f353e4a6665ee0ed1e3cd953e32deee46dcd
hermes-brain/projects/passepartout/strategy/compliance/compliance-regimes/apra-cps-234.org
Hermes 6e992cc0c5 Restructure three-pronged → knowledge-layers: collapse 11 files to 3, integrate into main architecture 
- Rename 'three-pronged' folder to 'knowledge-layers' — prong metaphor
  was misleading (implied parallel tines), replaced with epistemic layers
  (deductive base, empirical middle, probabilistic oracle — vertical stack)
- Collapse 11 overlapping files into 3 coherent documents:
  - knowledge-layers/_index.org: core framework (two engines + one store,
    World Model formula, 0-14 layer table, provenance store design,
    conflict resolution, cold-start, stage mapping)
  - knowledge-layers/practical-implications.org: design-world-aware-of-
    physics, 10 powers, Schafmeister existence proof, epistemic transparency
  - knowledge-layers/neurological-empirical.org: neural networks in
    provenance framework (kept intact)
- Relocate wolfram/mathematica and Schafmeister docs to ideas/viability/
- Integrate into main architecture _index.org:
  - Gate: expanded from two vectors (ACL2+LLM) to three (deductive,
    provenance/empirical, LLM oracle)
  - Autodidactic loop: split into Track 1 (deductive hardening, fast)
    and Track 2 (empirical validation, slow, experimental-feedback-driven)
  - See also: added Knowledge Layers cross-reference
- Add all-lisp geometry engine note (ideas/lisp-geometry-engine.org) as
  concrete illustration of the empirical layer's effect on design work
- Rebuild site: 148 files, 0 errors
2026-06-04 19:09:44 +00:00

1.2 KiB
Raw Blame History

APRA CPS 234

APRA CPS 234 (Prudential Standard — Information Security)

Australian Prudential Regulation Authority standard for regulated financial institutions. Requires: clearly defined information security roles and responsibilities, periodic cybersecurity capability assessments, robust control testing, timely remediation of control weaknesses, mandatory notification of material incidents to APRA within 72 hours.

Who must comply: Banks, insurers, superannuation funds regulated by APRA. ~500 entities.

Penalties: APRA can impose capital requirements, license conditions, or license cancellation for non-compliance. Personal liability for board and senior management.

Why it matters: CPS 234's control testing requirement creates demand for continuous verification — exactly what the gate stack and evaluation harness provide. First-mover advantage: CPS 234 is mature (2019) but enforcement is escalating. No vendor provides a deterministic control-testing pipeline.

Reference in New Issue View Git Blame Copy Permalink