ACL Cyber Resilience Policy Procedure


inc GST

This procedure* addresses particular cyber resilience requirements of Australian Credit licence holders, using guidance issued by the Australian Securities & Investments Commission (ASIC) and information security standard ISO/IEC 2001.  The policy can be used as a standalone procedure in any credit business, or it can be incorporated into existing credit compliance procedures.  Specifically, the policy addresses the obligations imposed on credit licensees under:


  • the National Consumer Credit Protection Act 2009; and
  • the Privacy Act 1988.


The Policy includes guidance on the following aspects of cyber resilience (to be tailored to suit individual Australian Credit licence holders' needs):
  • Identifying a cyber incident;
  • Credit licensee specific obligations (such as adequacy of IT resources); 
  • Cyber risk management;
  • The organisation’s ability to respond to a cyber incident; 
  • Ongoing monitoring; 
  • Privacy Act requirements; and 
  • Working documents that can be tailored for your use.


This policy has been created specifically for Australian Credit licensees.  If you would like to view details and/or purchase our AFSL Cyber Resilience Policy, please click here.

Note: this policy does not include the new data breach reporting amendments to the Privacy Act 1988.  A separate policy will be released shortly.  

Your investment to purchase this policy is a one-off payment of $950.00, including GST.  We can also provide you with assistance to tailor the policy for your business at our hourly rates.  

What's included?

Once payment is received, the procedure is delivered via email as a downloadable file(s) in Word format, together with a tax invoice.

*This procedure(s) will not comply with the regulatory requirements if it is not correctly tailored to your particular business and kept up-to-date.  Compact - Compliance & Training is not responsible for the tailoring and implementation or upkeep of each procedure once purchased by the licensee.  Compact - Compliance & Training can assist you tailor these documents.  The first step towards keeping your procedure(s) up-to-date is to subscribe to our tailored monthly regulatory update service, T-REX.  The content of each procedure will vary depending on legislative and policy changes and updates, as well as the nature of the licensee.  This procedure(s) is current on the date of purchase.  Whilst every care is taken in their preparation, Compact - Compliance & Training makes no representation that these documents are fit for your particular purpose, and accepts no responsibility for any loss or damage or cost incurred as a result of their use.  Compact - Compliance & Training takes no responsibility for formatting or other errors resulting from software errors, defects, incompatibility or viruses.

View Cart Checkout Trade Policies