Control: ism-0123; Revision: 4; Updated: Jun-23; Applicability: ALL; Essential Eight: ML3 ​

Cyber security incidents are reported to the Chief Information Security Officer, or one of their delegates, as soon as possible after they occur or are discovered.