Free tool
Cyber incident notification tree
A cyber incident can trigger 4+ separate regulator notifications with very different deadlines. This tool maps your organisation profile to every clock that fires and lists the immediate steps to protect privilege and contain the breach.
1 notification required
OAIC + affected individuals
Up to 30 days assessment, then 'as soon as practicable'
Eligible data breach — likely to result in serious harm
Lodge: OAIC NDB statement + direct notification of affected individuals
Immediate steps
- Activate incident response plan; designate incident owner + comms lead.
- Preserve evidence — do NOT delete logs or reformat systems.
- Contain — isolate affected systems, suspend compromised accounts, rotate credentials.
- Notify cyber insurer within 24 hours (policy condition); their forensic panel will engage.
- Engage legal counsel (incident response privilege).
- Open contemporaneous incident register entry — time of awareness, who knew, actions taken.
Reference tool — not legal advice. For active incidents, engage your cyber insurer panel + incident-response lawyer immediately. State privacy regulators (IPC NSW, OVIC, OIC Qld) may have additional notification duties.