Commonwealth Consolidated Acts Commonwealth Consolidated ActsAn evaluation report , in relation to a cyber security exercise that was undertaken in relation to a system of national significance, is a written report:
(a) if the exercise relates to all types of cyber security incidents--the purpose of which is to:
(i) evaluate the entity's ability to respond appropriately to all types of cyber security incidents that could have a relevant impact on the system; and
(ii) evaluate the entity's preparedness to respond appropriately to all types of cyber security incidents that could have a relevant impact on the system; and
(iii) evaluate the entity's ability to mitigate the relevant impacts that all types of cyber security incidents could have on the system; and
(b) if the exercise relates to one or more specified types of cyber security incidents--the purpose of which is to:
(i) evaluate the entity's ability to respond appropriately to those types of cyber security incidents that could have a relevant impact on the system; and
(ii) evaluate the entity's preparedness to respond appropriately to those types of cyber security incidents that could have a relevant impact on the system; and
(iii) evaluate the entity's ability to mitigate the relevant impacts that those types of cyber security incidents could have on the system; and
(c) that complies with such requirements (if any) as are specified in the rules.