The Security of Critical Infrastructure Act 2018 (SOCI Act) provides a framework for managing and protecting critical infrastructure.
The SOCI Act applies to 11 critical infrastructure sectors and 22 critical infrastructure asset classes.
Key requirements under the SOCI Act:
The Security of Critical Infrastructure (Critical infrastructure risk management program) Rules 2023 (CIRMP Rules) detail the mandatory baseline security standards for CIRMP and provide further details about hazards to be considered for the responsible entities of 13 critical infrastructure asset classes:
To work out whether or not you fall within any of these asset classes, you will need to review the definitions in the SOCI Act as well as the Security of Critical Infrastructure (Definitions) Rules 2021.
Commencement of Critical Infrastructure Risk Management Program obligations
(all but cyber)
First Board-approved annual report due to the regulator (must be submitted within 90 days after the end of the financial year)
Annual review of the CIRMP to ensure it is up to date (update or variation if required)
Commencement of the cyber security component of the CIRMP Rules against a recognised framework (ISO27001, AESCSF, NIST, E8) or equivalent
Providence has a deep knowledge of critical infrastructure reforms and offers extensive proficiency across relevant disciplines: security and risk management, personnel, physical and supply chain security. We collaborate with like-minded partners that deliver cyber security solutions.
We provide integrated and advice and solutions tailored to your operating context and resources to enable resilience and business continuity of your enterprise.
Providence offers the following services:
Interested in learning more?
Register to download a detailed briefing on ‘Security of Critical Infrastructure’
To learn more, or to discuss the next steps to meet your SOCI obligations and identify benefits that stem from meeting those obligations, fill out the form below and our team will be in touch.
Adash is Providence’s CEO and is responsible to the Providence Board and Providence’s clients for ensuring the timely delivery of outcomes through advice, guidance and mentoring to Providence’s staff.