Compliance standards for Critical infrastructure
Critical infrastructure spans the energy, water, transport, healthcare, and communications sectors whose disruption would impact national security, safety, and the economy. Updated continuously, with mapped controls and expert guidance from 6clicks.
All Critical infrastructure content · 8 items
SOCIA 2018 — Security of Critical Infrastructure Act 2018
The Security of Critical Infrastructure Act 2018 (SOCIA) establishes a regulatory framework for managing national security risks to Australia’s critical infrastructure sectors. It introduces statutory obligations, reporting requirements, and oversight mechanisms for critical assets.
Australian Department of Home Affairs • Australia • vNo. 29, 2018
C2M2 — Cybersecurity Capability Maturity Model
The Cybersecurity Capability Maturity Model (C2M2) is a tool developed by the U.S. Department of Energy to help organizations evaluate and enhance their cybersecurity capabilities. It focuses on both IT and OT environments, offering a structured framework of over 350 practices organized into 10 domains.
U.S. Department of Energy • United States • v2.1
ECC 2-2024 — Essential Cybersecurity Controls
The Essential Cybersecurity Controls (ECC 2-2024) aim to enhance cybersecurity at the national level in Saudi Arabia. They provide policies and controls to protect the information and technological assets of national entities.
National Cybersecurity Authority • Kingdom of Saudi Arabia • v2-2024
DCC-1:2022 — Data Cybersecurity Controls
The Data Cybersecurity Controls (DCC-1:2022) establish minimum cybersecurity requirements to protect data throughout its lifecycle. Issued by the Saudi National Cybersecurity Authority, the controls build on existing cybersecurity frameworks to enhance the Kingdom's overall cybersecurity maturity.
National Cybersecurity Authority (NCA) • Kingdom of Saudi Arabia • v1:2022
EU Regulation 2022/1645 — Commission Delegated Regulation (EU) 2022/1645
EU Regulation 2022/1645 establishes mandatory cybersecurity management requirements for Part 21 Design Organisations (DOs) and Production Organisations (POs) in the aviation sector. It introduces the implementation of an Information Security Management System (ISMS) to protect critical systems, data, and processes from cyber threats.
European Commission • European Union
Renewable Energy (Electricity) Act 2000
The Renewable Energy (Electricity) Act 2000 establishes a legal framework to encourage the generation of electricity from renewable energy sources in Australia. It creates a system for renewable energy certificates and mandates a Renewable Power Percentage to ensure participation by electricity retailers.
Australian Government • Australia
AESCSF v2 Core — Australian Energy Sector Cyber Security Framework
The Australian Energy Sector Cyber Security Framework (AESCSF) provides a structured approach for managing cybersecurity risks specific to the energy sector. Version 2 introduces updates and refinements to address evolving threats and ensure resilience.
Australian Energy Market Operator (AEMO) • Australia • v2.0
CDR Energy Sector Designation 2020 — Consumer Data Right (Energy Sector) Designation 2020
This legislative instrument designates the Australian energy sector under the Consumer Data Right (CDR) framework. It specifies the types of data, entities, and arrangements covered by CDR for energy consumers.
Australian Government • Australia • v26 June 2020
Manage Critical infrastructure compliance with 6clicks
The 6clicks platform maps these regulations to controls, evidence and risks — automatically.