Cyber security incident response arrangements in the WA Government Sector are governed by the Western Australian Whole-of-Government Cyber Security Incident Coordination Framework (the framework), which supports Western Australia’s participation in the national Cyber Incident Management Arrangements (CIMA).
The framework applies to:
- departments, SES and non SES organisations as defined in the Public Sector Management Act 1994 (WA)
- Western Australian Police Force
- entities contracted as Managed Service Providers (MSPs) of the GovNext Core
- entities contracted as MSPs for agencies consuming GovNext Services.
All Government Sector entities, including Government trading enterprises and local governments, are expected to use the framework in support of their management of cyber security incidents.
Agencies must now work to incorporate the framework into their cyber security incident response planning. Under the framework, the responsibilities of agencies include:
- developing and exercising cyber security incident management/response plans
- managing/controlling their own response to cyber security incidents
- mandatory reporting of cyber security incidents to the Office of Digital Government and the WA Police Force’s Technology Crime Services.
For more information, and to request a copy of the Western Australian Whole-of-Government Cyber Security Incident Coordination Framework, please contact the Cyber Security Unit via cybersecurity@dpc.wa.gov.au.
To report a cyber incident, please visit this page: Western Australian Government Cyber Security Incident Reporting Portal