Australian Government

Federal Register of Legislation

Security of Critical Infrastructure Act 2018

In force

Administered by

Department of Home Affairs

Latest version

C2025C00238 (C08)

04 April 2025

Table of contents

Part 1—Preliminary
Part 2—Register of Critical Infrastructure Assets
Part 2A—Critical infrastructure risk management programs
Part 2AA—Reporting obligations relating to certain assets that are not covered by a critical infrastructure risk management program
- 30AP Simplified outline of this Part
- 30AQ Reporting obligations relating to certain assets that are not covered by a critical infrastructure risk management program
Part 2B—Notification of cyber security incidents
Part 2C—Enhanced cyber security obligations
Part 2D—Enhanced security regulation for critical telecommunications assets
Part 3—Directions by the Minister
- Division 1—Simplified outline of this Part
  - 31 Simplified outline of this Part
- Division 2—Directions by the Minister
Part 3A—Responding to serious incidents
Part 4—Gathering and using information
Part 5—Enforcement
Part 6—Declaration of assets by the Minister
- Division 1—Simplified outline of this Part
  - 50 Simplified outline of this Part
- Division 2—Declaration of assets by the Minister
Part 6A—Declaration of systems of national significance by the Minister
- Division 1—Simplified outline of this Part
  - 52A Simplified outline of this Part
- Division 2—Declaration of systems of national significance by the Minister
Part 7—Miscellaneous
Endnotes