Sense of Security is one of Australia’s most trusted providers of cyber resilience, information security and risk management services.

Latest announcements
© Copyright Sense of Security
Cyber Security Services

NSW Government cyber security policy

It is a mandatory requirement that all NSW Government agencies implement the NSW Government Cyber Security Policy  along with strategies to mitigate cyber risk.

The NSW Cyber Security Policy requires  a report on cyber security maturity needs and must be submitted to agency head and GCISO by August 31st each year.

What are the requirements?

The mandatory requirements are:

Planning and Governance

  • Ensure that a governance committee is in place to be accountable for cyber security policies, risk and compliance.

Cyber Security Culture / Awareness

  • Increase cyber security awareness/training. Control access to systems on an as needs basis.

Manage Cyber Security Risks

  • Implement an Information Security Management System (ISMS) as well as implementing and reporting on the maturity against the ACSC Essential 8.

Resilience against cyber attack

  • Cyber Incident Response plan that integrates with the agency incident management process

Report against the requirements

  • Annual Report must be submitted by August 31 to GCISO and agency head.

For more information visit NSW Cyber Security Policy

SOS and the NSW Government
cyber security requirements

Sense of Security’s Governance, Risk and Compliance Practice employs experienced ISO 27001 Lead Assessors and Implementors that can assist any organisation develop and implement an effective security strategy that aligns to the latest NSW Cyber Security Policy.

SOS’s roadmap strategy to achieve compliance to NSW Cyber Security Policy includes:


  • Security forum and governance structure
  • Cyber Security Risk Assessment and remediation plan
  • ISMS Framework
  • Roles and Responsibilities


  • Cyber Security Awareness Program
  • Review Access Control to sensitive information
  • Support in communicating security threat to other agencies to manage cyber-risk


  • Maturity assessment based on ACSC Essential 8
  • Document policies, standards and processes
  • Risk Treatment: This may include Vulnerability management Program, SDLC, Fraud detection
  • System Classification and identification of ‘Crown Jewels’

Detect, Respond & Recover

  • Develop Cyber Security Incident Plan
  • Annual Cyber Security Incident Plan testing
  • Deploy monitoring process for identification of incidents


  • Assist in preparing Annual Report by August 31 to GCISO and agency head

Sense of Security experts and experienced assessors will keep you fully compliant with the NSW Govt Cyber Security policies and procedures.


Speak to one of our trusted experts
on 1300 922 923 or make an enquiry today.