Part 2A and Part 2AA of the
Security of Critical Infrastructure Act 2018 (SOCI Act) requires Responsible Entities for critical infrastructure assets to have and comply with a Critical Infrastructure Risk Management Program (CIRMP). A Responsible Entity must submit an Annual Report relating to its CIRMP to the relevant Regulator within 90 days of the end of the relevant Australian financial year. The Annual Report must be approved by the Entity’s board, council or other governing body, and must be submitted using this form.
You must complete this form within 90 days after the end of each financial year. We recommend you make a copy of this form for your records.
If you need more information, email
cisc@homeaffairs.gov.au.
