AICD’s Cyber Security Governance Principles

A framework for effective board oversight of cyber security across five key areas

Published: October 2022

Summary: The Cyber Security Governance Principles are the result of a collaboration between the Australian Institute of Company Directors (AICD) and the Cyber Security Cooperative Research Centre (CSCRC). The principles are informed by extensive consultation with government, industry experts and the director community.

The principles provide a practical framework for effective board oversight across five key areas:

  • Roles and responsibilities
  • Cyber strategy development and evolution
  • Incorporating cyber into risk management
  • Building a cyber resilient culture
  • Preparing and responding to a significant cyber incident

Available from: