Commonwealth Numbered Acts Commonwealth Numbered Acts(1) The Cyber Incident Review Board may cause a review to be conducted under this section in relation to a cyber security incident, or a series of related cyber security incidents, on written referral by:
(a) the Minister; or
(b) the National Cyber Security Coordinator; or
(c) an entity impacted by the incident or an incident in the series of incidents; or
(d) a member of the Board.
Note: Each review is conducted by a particular review panel established for that review in accordance with the terms of reference for the review.
(2) A review may only be conducted under this section:
(a) if the Board is satisfied that the incident or series of incidents meets the criteria mentioned in subsection (3); and
(b) after the incident or series of incidents, and the immediate response, has ended; and
(c) if the Minister has approved the terms of reference for the review.
(3) For the purposes of paragraph (2)(a), the criteria are:
(a) the incident or series of incidents have seriously prejudiced, or could reasonably be expected to seriously prejudice:
(i) the social or economic stability of Australia or its people; or
(ii) the defence of Australia; or
(iii) national security; or
(b) the incident or series of incidents involved novel or complex methods or technologies, an understanding of which will significantly improve Australia's preparedness, resilience, or response to cyber security incidents of a similar nature; or
(c) the incident or series of incidents are, or could reasonably be expected to be, of serious concern to the Australian people.
(4) Each review is to be conducted by a review panel that consists of:
(a) the Chair; and
(b) the standing members of the Board that are specified in the terms of reference for the review; and
(c) the members of the Expert Panel appointed to assist in the review under section 70.
The terms of reference for the review must specify one or more standing members for the review.
(5) The rules may make provision for or in relation to reviews under this Part, including for or in relation to the following:
(a) dealing with written referrals made to the Board;
(b) prioritisation of referrals for review and reviews conducted;
(c) terms of reference for reviews, including their variation;
(d) notification of reviews;
(e) the timing of when reviews may be conducted;
(f) when reviews may be discontinued;
(g) how information or submissions may be provided for reviews.