181ACyber security requirements

#### 181A Cyber security requirements 181A Cyber security requirements > > (1) The regulations may make provision for the following— > > > > > (a) the adoption and implementation by a relevant person of policies and procedures for managing cyber security risks and responding to cyber security incidents, > > > > > (b) the external review and accreditation of a relevant person’s policies and procedures for managing cyber security risks and responding to cyber security incidents. > > > (2) Without limiting subsection (1), the regulations may require a relevant person’s policies and procedures to address the following matters— > > > > > (a) notifying the Secretary of cyber security incidents, > > > > > (b) the process for auditing the relevant person’s implementation and compliance with the policies and procedures and the reporting of the audit result to the Secretary. > > > (3) In this section— > > > > relevant person means the following— > > > > > (a) a network operator, > > > > > (b) an electricity generator, > > > > > (c) a person who is a member of a class of persons prescribed by the regulations. > > **s 181A:** Ins 2010 No 50, Sch 1.1 \[1\]. Rep 2012 No 38, Sch 1 \[124\]. Ins 2021 No 34, Sch 1\[25\].