Security of Critical Infrastructure Act Service Sheet

Critical Infrastructure Risk Management Program

On 17 February 2023, the Critical Infrastructure Risk Management Program (CIRMP) requirements came into effect. The clock is now ticking for more than 11,000 Australian critical infrastructure entities to implement and become compliant with the risk management program obligations under the Security of Critical Infrastructure (SOCI) Act.

The goal of the CIRMP is to help entities responsible for critical infrastructure assets establish, maintain and comply with a risk management program that takes a holistic and proactive approach to identifying and mitigating hazards that pose material risks to the availability, integrity, reliability or confidentiality of critical infrastructure assets.

Next Steps

Entities in scope will need to have a CIRMP in place that documents material risks and controls that will minimise material risks to your assets for each of the four key domains by 17 August 2023. Entities will have until 16 February 2024 to comply with the controls as defined in their CIRMP.

How We Can Help

The experts at FTI Consulting will work with your organisation to define, implement and ensure compliance with the CIRMP obligations under the SOCI Act. Through a holistic and personalised approach, we help your organisation enhance security and resilience against the unique cybersecurity risks facing your organisation, whilst meeting your CIRMP obligations and maximising the return on investment.

Click here to download the full service sheet

Related Insights

Related Information

Published

April 03, 2023

temp Key Contacts

Wouter Veugelen

Senior Managing Director, Head of Australia Cybersecurity

Carla Liedtke

Managing Director

Tim de Sousa

Senior Director

Downloads

Sign up to get access to FTI Consulting Insights

Subscribe