Useful Links

NSW Government

State Owned Corporations Act 1989 (https://www.legislation.nsw.gov.au/#/view/act/1989/134)

State Records Act 1998 (https://www.legislation.nsw.gov.au/#/view/act/1998/17)

Privacy and Personal Information Protection Act 1998 (https://www.legislation.nsw.gov.au/#/view/act/1998/133)

Health Records and Information Privacy Act 2002 (https://www.legislation.nsw.gov.au/#/view/act/2002/71)

Government Information (Public Access) Act 2009 (https://www.legislation.nsw.gov.au/#/view/act/2009/52)

Government Sector Employment Act 2013 (https://legislation.nsw.gov.au/#/view/act/2013/40)

Data Sharing (Government Sector) Act 2015 (https://www.legislation.nsw.gov.au/#/view/act/2015/60/full)

The NSW State Infrastructure Strategy 2018-2038 (https://www.nsw.gov.au/improving-nsw/projects-and-initiatives/nsw-state-infrastructure-strategy/)

Department of Customer Service

NSW Government Information Classification, Labelling and Handling Guidelines (2015) (https://arp.nsw.gov.au/dfsi-2015-01-nsw-government-information-classification-labelling-and-handling-guidelines/topdf/dfsi-2015-01-nsw-government-information-classification-labelling-and-handling-guidelines.pdf)

NSW Government Cyber Security Strategy (https://www.digital.nsw.gov.au/policy/cyber-security)

NSW Cyber Security Policy (https://www.digital.nsw.gov.au/sites/default/files/
NSW%20Cyber%20Security%20Policy%20v2.0.pdf)

Managing data and information, 2013 (https://www.digital.nsw.gov.au/support-services/data-information/managing-data-information)

Information and Privacy Commission NSW

Guidance on Data Breaches, May 2018 (https://www.ipc.nsw.gov.au/data-breach-guidance)

NSW Audit Office

Detecting and responding to cyber security incidents (https://www.audit.nsw.gov.au/publications/latest-reports/detecting-and-responding-to-cyber-security-incidents)

NSW Treasury

Risk management toolkit (https://www.treasury.nsw.gov.au/information-public-entities/governance-risk-and-assurance/internal-audit-and-risk-management/risk)

NSW Department of Premier and Cabinet

Memorandum M1999-19 Applicability of Memoranda and Circulars to State Owned Corporations (https://arp.nsw.gov.au/m1999-19-applicability-memoranda-and-circulars-state-owned-corporations-socs)

State Archives and Records Authority of NSW

Standard on Records Management, 2018 (https://www.records.nsw.gov.au/recordkeeping/rules/standards/records-management)

Using cloud computing services: implications for information and records management, 2015 (https://www.records.nsw.gov.au/recordkeeping/advice/using-cloud-computing-services)

Storage of State records with service providers outside of NSW, 2015 (https://www.records.nsw.gov.au/recordkeeping/advice/storage-and-preservation/service-providers-outside-nsw)

Australian Government – Home Affairs

Security of Critical Infrastructure Act 2018 (https://www.homeaffairs.gov.au/about-us/our-portfolios/national-security/security-coordination/security-of-critical-infrastructure-act-2018)

Australia’s Cyber Security Strategy, 2016 (https://cybersecuritystrategy.homeaffairs.gov.au/)

Australian Government - Attorney-General’s Department

The Protective Security Policy Framework (https://www.protectivesecurity.gov.au/Pages/default.aspx)

Relevant Australian and international standards (https://www.protectivesecurity.gov.au/resources/Pages/relevant-australian-and-international-standards.aspx)

Australian Government - Australian Signals Directorate

Information Security Manual (https://acsc.gov.au/infosec/ism/)

Australian Government – Office of the Australian Information Commissioner

Australian privacy Principles guidelines, 2014 (https://www.oaic.gov.au/images/documents/privacy/applying-privacy-law/app-guidelines/APP-guidelines-combined-set-v1.pdf)

International Organization for Standardization

ISO 22301 Societal Security – Business continuity management systems – Requirements (https://www.iso.org/standard/50038.html)

ISO 27031 Information technology – Security techniques – Guidelines for information and communication technology readiness for business continuity (https://www.iso.org/standard/44374.html)

ISO 27032 Information technology – Security techniques – Guidelines for cybersecurity (https://www.iso.org/standard/44375.html)

National Institute of Standards and Technology

Framework for Improving Critical Infrastructure Cybersecurity (https://www.nist.gov/cyberframework)