Legal Insights

Cyber Incident Management Plan

Mark Hayes

• 03 September 2019 • 1 min read

The Victorian Government has released its Cyber Incident Management Plan. Will your Council’s IT policies need to be updated to align with the Plan?

Last month the Victorian Government released its Cyber Incident Management Plan.

The Plan applies to all Victorian Public Sector bodies, and details the responsibilities of Victorian Government organisations in managing cyber incidents.

While not mandatory for local government, councils are encouraged to adopt the Plan.

Broadly, the Plan contains requirements about the following cyber incident issues:

Cyber incident preparation
Threat detection and analysis
Cyber incident notifications
Additional Notifications

"Will your Council’s IT policies need to be updated to align with the Plan?"

Mark Hayes, Partner

The Plan does not replace an organisation’s existing information security plans, policies and procedures. Rather, the existing documents should be updated to align with the Plan.

As councils continue to adopt cloud computing their exposure to cyber incidents will increase. Alignment of council policies with the Plan should better prepare councils in responding and managing cyber incidents and assist councils in creating a trusted and secure cyber environment.

Will your Council’s IT policies need to be updated to align with the Plan?