Back to Frameworks

Security of Critical Infrastructure Act 2018 (SOCI)

Australia
v2024
5 domains
5 controls

Australian legislation mandating security obligations for owners and operators of critical infrastructure assets across 11 sectors, including cyber incident reporting, risk management programs, and enhanced cyber security obligations for systems of national significance.

Verified

Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.

Framework Domains (5)

CIRMP

1 controls
Controls in the CIRMP domain of Security of Critical Infrastructure Act 2018 (SOCI)1 controls
CodeTitle
AUSOCI-2Critical Infrastructure Risk Management Program (CIRMP)

Enhanced Obligations

1 controls
Controls in the Enhanced Obligations domain of Security of Critical Infrastructure Act 2018 (SOCI)1 controls
CodeTitle
AUSOCI-5Enhanced Cyber Security Obligations and Continuous Improvement

Government Powers

1 controls
Controls in the Government Powers domain of Security of Critical Infrastructure Act 2018 (SOCI)1 controls
CodeTitle
AUSOCI-4Government Assistance Powers and Direction Authority

Incident Reporting

1 controls
Controls in the Incident Reporting domain of Security of Critical Infrastructure Act 2018 (SOCI)1 controls
CodeTitle
AUSOCI-3Cyber Incident Reporting (12/72 hours)

Register

1 controls
Controls in the Register domain of Security of Critical Infrastructure Act 2018 (SOCI)1 controls
CodeTitle
AUSOCI-1Register and Sector Coverage

Frequently Asked Questions

What is Security of Critical Infrastructure Act 2018 (SOCI)?

Security of Critical Infrastructure Act 2018 (SOCI) is a compliance framework from Australia with 5 domains and 5 controls. Australian legislation mandating security obligations for owners and operators of critical infrastructure assets across 11 sectors, including cyber incident reporting, risk management programs, and enhanced cyber security obligations for systems of national significance. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.

How many controls does Security of Critical Infrastructure Act 2018 (SOCI) have?

Security of Critical Infrastructure Act 2018 (SOCI) has 5 controls organised across 5 domains. The largest domains are CIRMP (1 controls), Enhanced Obligations (1 controls), Government Powers (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.

What frameworks does Security of Critical Infrastructure Act 2018 (SOCI) map to?

Security of Critical Infrastructure Act 2018 (SOCI) does not currently have cross-framework mappings in our system. Check back as we continuously expand our mapping database.

How do I get started with Security of Critical Infrastructure Act 2018 (SOCI) compliance?

Start your Security of Critical Infrastructure Act 2018 (SOCI) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Security of Critical Infrastructure Act 2018 (SOCI) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 5 controls and track your progress.

Start Your Compliance Journey

Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 723 frameworks.

Get Started Free →

Free forever — no credit card required