Compliance Overview

Compliance Framework
Compliance Driver Cyber Security Act 2024 (Cth)
Classification Level 1
University-wide concern. Impacts on reputation and funding.
Associated Legislation
Associated Standards None
Associated Codes None
Associated Information None
Return to Top Administrative Information
Administrative Body
Administrative Name
Administrative Address  
Administrative Phone  
Administrative Email  
Administrative Website  
Return to Top General Introduction
VC Compliance Delegate Neil Durrant, Executive Director Future Students, Engagement and Technology
Compliance Coordinator Daniel Dooner, Deputy Chief Information Security Officer
Business Units Impacted
  • Academic Development
  • Accounting
  • Administration Services
  • Advancement, Alumni and Events
  • Ag360
  • Animal Genetics and Breeding Unit
  • Australian Business Research Institute
  • Brand Partnership and Business Development
  • Business Intelligence and Analytics
  • Business Services
  • Campuses
  • Careers & Employability
  • Centre for Agriculture and Law
  • Centre for Animal Research and Teaching & Farms
  • Centre for Applied Research in Social Science
  • Centre for Local Government
  • Client Services
  • Collaborative Research Centres
  • Computational Analytics Software Infomatics
  • Controlled Entities
  • Corporate Communications and Events
  • CRC for Beef Genetic Technologies
  • Curriculum and Academic Management
  • Data Services
  • Digital Education
  • Education Enterprise
  • Education Futures
  • Education Quality Directorate
  • Enterprise Architecture
  • Estate and Built Environment
  • Examinations Office
  • Faculty of Humanities, Arts, Social Sciences and Education
  • Faculty of Medicine and Health
  • Faculty of Science, Agriculture, Business and Law
  • Finance Strategy and Business Intelligence
  • Fleet & Logistics Services
  • Future Students, Engagement and Technologies
  • Graduate Research School
  • Heritage Futures Research Centre
  • Information Security
  • Infrastructure Services
  • Institute for Rural Futures
  • Integrated Services and Operational Intelligence
  • Internal Audit
  • LabNext70
  • Legal Services
  • Library Services
  • Office of Strategy and Management
  • Office of the Chief Financial Officer
  • Office of the Chief Operating Officer
  • Office of the Deputy Vice-Chancellor
  • Office of the Deputy Vice-Chancellor (Research)
  • Office of the Director Governance and University Secretary
  • Office of the Pro Vice-Chancellor Indigenous
  • Office of the Vice-Chancellor and CEO
  • Oorala Aboriginal Centre
  • Operational Reporting
  • People and Culture
  • Poultry Hub
  • Procurement
  • Records Team
  • Records, Policy and Governance Unit
  • Research Centres and Institutes
  • Research Services
  • Rural Properties
  • School of Education
  • School of Environmental and Rural Science
  • School of Health
  • School of Humanities, Arts and Social Sciences
  • School of Law
  • School of Psychology
  • School of Rural Medicine
  • School of Science and Technology
  • SportUNE
  • Strategic Partnerships & Business Development
  • Student Grievance Unit
  • Student Journey
  • Student Pathways
  • Student Services
  • Technology and Digital Services
  • The National Centre of Science, Information and Communication Technology, and Mathematics Education
  • Treasury
  • UNE Archives & Heritage Centre
  • UNE Brand and Marketing
  • UNE Business School
  • UNE Council
  • UNE Foundation Limited
  • UNE Foundation Trust
  • UNE International
  • UNE Life Healthcare Centre
  • UNE Life Pty Ltd
  • UNE Marketing
  • UNE Partnerships Pty Ltd
  • UNE Residential System
  • University Secretariat
  • Yarm Gwanga
Overview The Cyber Security Act 2024 establishes a framework for improving national cyber security. It introduces mandatory security standards for certain internet-connectable products, reporting obligations for ransomware payments, and a "limited use" framework for information shared with the National Cyber Security Coordinator. It also establishes a Cyber Incident Review Board.

In relation to mandatory ransomware and cyber extortion reporting the University is required to report ransomware payments to the Commonwealth within 72 hours.

Compliance Obligations

Return to Top Ransomware Payment Reporting Obligations
Description Mandatory cyber security reporting obligations including ransomware incidents
Impacts Civil penalties for non-compliance with 72-hour reporting requirement. Reputational damage if reporting obligations not met.
Responsible Manager William Confalonieri, Chief Information and Digital Officer
Coordinating Officer Daniel Dooner, Deputy Chief Information Security Officer
Coordinating Unit Technology and Digital Services
Oversight Committee/Group None
Business Units Impacted
  • Technology and Digital Services
Obligation Framework
Associated Legislation
Associated Standard None
Associated Code None
Associated Information None
Management Tools
Rule Information and Communication Technology Facilities and Services Rule
Information Security Rule
Policy Information and Communications Infrastructure Rule
Information Security Policy
Protocol None
Procedure None
Guideline None
Other Websites