The object of this Act is to provide a framework for managing risks relating to critical infrastructure, including by:
(a) improving the transparency of the ownership and operational control of critical infrastructure in Australia in order to better understand those risks; and
(b) facilitating cooperation and collaboration between all levels of government, and regulators, owners and operators of critical infrastructure, in order to identify and manage those risks; and
(c) requiring responsible entities for critical infrastructure assets to identify and manage risks relating to those assets; and
(d) imposing enhanced cyber security obligations on relevant entities for systems of national significance in order to improve their preparedness for, and ability to respond to, cyber security incidents; and
(e) providing a regime for the Commonwealth to respond to serious cyber security incidents.