Cyber Security Act 2024 (Australia)
Australia's first standalone cyber security legislation introducing mandatory security standards for smart devices, ransomware payment reporting, limited use obligations for ASD-shared information, and a Cyber Incident Review Board.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (6)
Cyber Security Act 2024: Coordination and Limited Use
| Code | Title |
|---|---|
| AUCSA-LU-INTERACT | Interaction with other reporting requirements |
| AUCSA-LU-LIMITED | Limited use obligation on shared incident information |
| AUCSA-LU-SHARE | Voluntary information sharing with the National Cyber Security Coordinator |
Cyber Security Act 2024: Cyber Incident Review Board
| Code | Title |
|---|---|
| AUCSA-CIRB-EST | Establishment, functions and powers of the Cyber Incident Review Board |
| AUCSA-CIRB-INFO | Compulsory information production and protection of review information |
| AUCSA-CIRB-REVIEW | Conduct of no-fault post-incident reviews |
| AUCSA-CIRB-RPT | Board reports and recommendations |
Cyber Security Act 2024: Preliminary and Objects
| Code | Title |
|---|---|
| AUCSA-P1-OBJ | Objects and application of the Act |
Cyber Security Act 2024: Ransomware Reporting Obligations
| Code | Title |
|---|---|
| AUCSA-RAN-CONTENT | Content of a ransomware payment report |
| AUCSA-RAN-PROT | Limited use and protection of ransomware report information |
| AUCSA-RAN-RPT | Ransomware and cyber-extortion payment reporting obligation |
Cyber Security Act 2024: Regulatory Powers and Interactions
| Code | Title |
|---|---|
| AUCSA-INT-SOCI | Interaction with the SOCI Act and other laws |
| AUCSA-REG-MON | Monitoring, investigation and infringement notices |
| AUCSA-REG-PEN | Civil penalty provisions and enforceable undertakings |
Cyber Security Act 2024: Security Standards for Smart Devices
| Code | Title |
|---|---|
| AUCSA-IOT-COC | Statement of compliance for connectable products |
| AUCSA-IOT-ENF | Compliance, stop and recall notices for smart devices |
| AUCSA-IOT-STD | Security standards for relevant connectable products |
Maps to 2 other frameworks
Frequently Asked Questions
What is Cyber Security Act 2024 (Australia)?
Cyber Security Act 2024 (Australia) is a compliance framework from Australia with 6 domains and 17 controls. Australia's first standalone cyber security legislation introducing mandatory security standards for smart devices, ransomware payment reporting, limited use obligations for ASD-shared information, and a Cyber Incident Review Board. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Cyber Security Act 2024 (Australia) have?
Cyber Security Act 2024 (Australia) has 17 controls organised across 6 domains. The largest domains are Cyber Security Act 2024: Cyber Incident Review Board (4 controls), Cyber Security Act 2024: Coordination and Limited Use (3 controls), Cyber Security Act 2024: Ransomware Reporting Obligations (3 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Cyber Security Act 2024 (Australia) map to?
Cyber Security Act 2024 (Australia) maps to 2 other compliance frameworks. The top mapping partners are Critical Infrastructure Risk Management Program (CIRMP) Rules 2023 (12% coverage), NIST Cybersecurity Framework 2.0 (12% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with Cyber Security Act 2024 (Australia) compliance?
Start your Cyber Security Act 2024 (Australia) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Cyber Security Act 2024 (Australia) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 17 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 700 frameworks.
Get Started Free →Free forever — no credit card required