Commonwealth Consolidated Acts Commonwealth Consolidated Acts(1) An incident response plan is a written plan:
(a) that applies to an entity that is the responsible entity for a system of national significance; and
(b) that relates to the system; and
(c) that relates to cyber security incidents; and
(d) the purpose of which is to plan for responding to cyber security incidents that could have a relevant impact on the system; and
(e) that complies with such requirements (if any) as are specified in the rules.
(2) Requirements specified under paragraph (1)(e):
(a) may be of general application; or
(b) may relate to one or more specified systems of national significance; or
(c) may relate to one or more specified types of cyber security incidents.
Note: For specification by class, see subsection 13(3) of the Legislation Act 2003 .
(3) Subsection (2) of this section does not, by implication, limit subsection 33(3A) of the Acts Interpretation Act 1901 .