NSW Cyber Security Policy (NSW CSP)
Details
This download includes the NSW CSP Maturity Assessment requirements only so there are no mapped questions. Use this download if you just want the provisions and you want to create your own question set.
This policy applies to all NSW government departments and Public Service agencies, including statutory authorities and all NSW government entities that submit an annual report to a Secretary of a lead department or cluster, direct to a Minister, or direct to the Premier. In this policy, references to “lead cluster departments” or “clusters” mean the departments listed.
The NSW CSP Maturity Reporting is an annual assessment of cyber security required to be undertaken by NSW government entities. The requirements are closely aligned with ISO/IEC 27001 and require NSW government entities to have an effective Information Security Management System (ISMS). For the ASD Essential 8 reporting requirements, please refer to our separate ASD Essential 8 assessment.
The NSW CSP Maturity Reporting includes 20 requirements across 4 domains, which are:
- Planning and Governance
- Cyber Security Culture
- Safeguarding Information and Systems
- Cyber Incident Management
Getting Started
Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.More Information
| Jurisdiction | Australia |
|---|---|
| Type | Laws or related obligations |