⚡ Critical infrastructure — SOCI

The SOCI Act puts risk-management-program obligations on owners and operators of critical infrastructure — cyber-incident readiness, supply-chain hazard management, annual board sign-off. Regulator expectations are rising faster than most asset operators' security tooling.

Book a demo → Try it on sample docs
Served via existing lanesRisk-management program · supply-chain hazards · board sign-off

Frameworks on the engine serving this vertical

Read from the live catalogue at build time — a framework that is not live on the engine never renders here. Depth is badged per framework: consultant-grade only where we go deepest (ISM/IRAP, Essential Eight), Tier-A breadth everywhere else.
ASD Essential EightConsultant-grade depth
ISM (IRAP)Consultant-grade depth
NIST CSF 2.0Tier-A breadth
CIS Controls v8Tier-A breadthLicence-gated

Licence-gated catalogues carry control IDs and CyberSentien's own labels only — the full standard text requires your licence and is never reproduced.

Depth today — stated honestly

Honest position: there is no dedicated SOCI catalogue on the engine yet. The risk-management-program obligations are served through the lanes above — Essential Eight maturity, ISM control depth, NIST CSF functions, CIS Controls (licence-gated) and a third-party risk register for supply-chain hazards. Where an obligation is not covered, the posture says so instead of shading it green.

The global angle

The SOCI Act is Australian, and there is no dedicated SOCI catalogue on the engine yet — this page says so rather than shading it green. The lanes serving the obligations mix Australian depth (Essential Eight, ISM) with internationally used instruments — NIST CSF 2.0, CIS Controls v8 — exactly as live on the catalogue.

See it on the real engine

Run the frameworks above against synthetic sample documents now, or tell us where you sit and we'll send a gated, revocable demo link.

Request the demo →Try it now →