Course Overview
- This course provides comprehensive education on the Security of Critical Infrastructure (SOCI) Act 2018, focusing on compliance strategies, risk management, and governance for critical infrastructure sectors.
- Designed for security and risk professionals and for others with security and risk management responsibilities, the course explores legal obligations, the development and implementation of the Critical Infrastructure Risk Management Program (CIRMP), and enhanced cybersecurity measures.
- Participants will gain practical insights into applying the SOCI framework, fulfilling governance requirements, and ensuring resilience against emerging threats, aligning with Australia’s regulatory landscape and global best practices.
Learning Objectives
By the end of this course, participants will be able to:
1. Understand the Security of Critical Infrastructure (SOCI) Act 2018 framework
Grasp the policy drivers and foundational principles of the SOCI Act, along with its purpose, object, structure, and the critical infrastructure sectors it covers.
2. Identify and categorise critical infrastructure assets
Apply definitions and criteria to identify and categorise critical infrastructure assets within their entities, ensuring compliance with legislative requirements.
3. Apply risk management principles and risk mitigation
Employ a risk-based framework to identify, assess, and mitigate vulnerabilities across critical infrastructure sectors, ensuring resilience and security.
4. Develop and implement a Critical Infrastructure Risk Management Program (CIRMP)
Create and manage a CIRMP that integrates with extant security arrangements and addresses multi-hazard risks, such as cybersecurity, physical security, personnel security, and supply chain security.
5. Fulfill governance and compliance requirements
Fulfill board-level annual reporting obligations, leverage assurance frameworks to evaluate risk management strategies, and understand the Department of Home Affairs’ enforcement mechanisms and regulatory philosophy.
Learning Outcomes
After completing this course, participants will be able to:
1. Comprehend the SOCI Act’s relevance and scope
Demonstrate a clear understanding of the SOCI Act, its purpose, and its application to Australia’s critical infrastructure.
2. Apply risk-based approaches
Implement risk management principles to assess and mitigate vulnerabilities, enhancing the security and resilience of critical infrastructure assets.
3. Ensure organisational compliance
Develop practical measures to ensure their organisation complies with SOCI Act requirements, including CIRMP development and adherence to enhanced cybersecurity obligations.
4. Promote effective governance
Fulfill governance obligations by developing board-level strategies for evaluating and improving risk management frameworks, ensuring alignment with SOCI compliance requirements.
5. Prepare for audit, enforcement and reporting
Navigate regulatory compliance, notification obligations for critical data management, and enforcement mechanisms to maintain proactive compliance with the SOCI Act.