State Emergency Management Plan Cyber Security Sub-Plan

Report purpose

This plan has been endorsed by the State Crisis and Resilience Council (SCRC) as a sub-plan to the State Emergency Management Plan (SEMP). The plan outlines the arrangements for managing cyber security emergencies in Victoria.

As the control agency for cyber security, the Department of Government Services (DGS) has prepared and is responsible for the review and updated of this Sub-Plan.



  • Whole of Victorian Government Cyber Security Event, Incident & Emergency Categories
  • Early Response Summary
  • Publication information
  • Acronyms
  • Version
  • Acknowledgment of Country
  • Plan Activation

State Emergency Management Plan Cyber Security Sub-Plan

  • Our Collective Cyber Security Vision
  • Shared Responsibility
  • About this Plan
  • Audience
  • This Plan is a part of Victoria’s Cyber Security Management Framework

Introduction to Cyber Security Arrangements

  • Defining ‘cyber security emergency’
  • Cyber Security as a State Significant Risk
  • Guiding Principles

Victoria’s Cyber Defence Centre

Cyber Security Emergency Mitigation

  • Threat intelligence
  • Improving cyber security maturity
  • Community and industry awareness and engagement

Cyber Security Emergency Preparedness (Identify, Protect and Detect)

  • Identify cyber security risk
  • Protect from cyber security risk
  • Maintain and exercise plans and arrangements
  • Detection

Cyber Security Emergency Response

  • Analysis
  • Notification
  • Classification
  • Control
  • Class 2 State Control Team – Cyber Security
  • Transfer of Control where there are significant consequences
  • Transfer of Control where the cyber security emergency is a suspected criminal act
  • Control Centre
  • Controlling Victorian consequences of a National Cyber Security Incident or Emergency
  • Managing a Cyber Security Emergency with other concurrent Class 1 or 2 emergency/ies
  • Coordination and ongoing engagement
  • Media and public communication
  • Technical Response, including Containment and Eradication
  • Consequence management
  • Relief
  • National Cyber Security Incident

Cyber Security Emergency Recovery

  • Stand Down

Lessons and Evaluation


  • Appendix A – Acronyms
  • Appendix B – Common sources of cyber security compromise
  • Appendix C– Sector Resilience Networks
  • Appendix D – State Emergency Management Priorities
  • Appendix E – Summary of Threat Intelligence Products
  • Appendix F - Frameworks for cyber security maturity
  • Appendix G – Useful steps in confirming the presence of a cyber security incident
  • Appendix H – Contact details of key stakeholder agencies
  • Appendix I - Comparison of Whole of Victorian Government Cyber Security Incident Categories with Business Impact Levels
  • Appendix J – Summary of AIIMS functions
  • Appendix K – Demonstrating linkages with the Victorian Preparedness Framework
Date of Publication


You may need Adobe® Acrobat® Reader or Libre Office to view the document(s) on this page.

Get Adobe® Acrobat® Reader (External link)

Get Libre Office (External link)


If you would like to receive this publication in a more accessible format, you can request it via our feedback form.