Policy and Standards

ANCI develops leading policy and standards by leveraging the insights of its diverse membership base, who contribute to the organisations mission through its unique expert and advisory panels. 

ANCIs capability to develop and test policy positions is underpinned by:

  • The active participation of ANCI and CREST ANZ members in expert and advisory panels;
  • ANCI’s Policy Council (APC) which considers and develops policy proposals by working with our various expert and advisory panels;
  • Connecting and networking with like-minded members across a range of diverse industry sectors to leverage the collective wisdom, capability and experience of the community in defining and responding to Australia’s cyber security needs;
  • Shared best practices, thought leadership, education, innovative approaches, the latest trends as well as discuss shared challenges, failures and learnings;
  • Relationships with federal government departments, Senators, Members of the House of Representatives and staff of these elected officials to formulate policy from an educated and informed perspective.

Together, we aim to develop policy and standards that enable the cyber security sector to tackle systemic and individual business issues.


ANCI is focused on leveraging the expertise of our members across Australia. This collective expertise assists ANCI to develop and communicate solutions underpinned by practical frameworks, tools and programs that will add cyber security benefits to all sectors of the Australian business landscape.

Expert and Advisory Panels

ANCI works to a expert and advisory panel structure that helps us identify and prosecute issues particular to major market sectors. This panel structure enables members to:

  • connect and network with like-minded members across a range of diverse industry sectors to leverage the collective wisdom, capability and experience of the community.
  • share best practices, thought leadership, education, innovative approaches and stay abreast of the latest trends.
  • discuss challenges, failures and learnings – effectively, a sounding board for ideas exchange.
  • make consistent decisions concerning services for members and core policy positions for advocating the cyber industry.

As a consequence, ANCI’s panel structure is the key vehicle for developing policy, standards, solutions and member services. Panels may draw heavily on policy proposals and research undertaken by ANCI staff, but the responsibility for determining policy and standards rests with the committees. By working to a sector then national panel structure, which relies on member representation, ANCI ensures that our members’ unique needs are understood and translated to policy, standards and advocacy initiatives.

Participating members of sector committees are also members of ANCI’s Policy Council (APC). APC considers and develops policy proposals by working with our various panels.

    Board Services

    Board directors don’t have be technologists to guide the cyber security practices in the organisation. They do however have a vital governance function, influencing company behaviour and determining the company’s risk appetite.

    Across the globe, Boards are seeking access to best practices for building a cyber healthy organisation.

    • While a Board of Directors not directly responsible for the security of the organisation, the Board’s understanding of the organisation’s security culture and governance model plays and important role in defining the overall cyber health of the organisation;
    • Data breaches are a reality and it is possible to adopt some basic principle based structural and governance changes and implement cyber hygiene to mitigate risks and prevent reputational and monetary damages;
    • Many Boards seek guidance regarding investment in cyber security and data driven decision making helps an organisation to optimally utilise its resources and judiciously invest;
    • Finally, as the Board is ultimately held liable for large cyber incidents, they seek to understand the legal implication of cyber risk, within a standardised framework encompassing both financial and non-financial risk.

    Cyber risk cannot be managed in isolation, it requires a holistic risk management framework. Board Directors and senior executives are responsible for the management of cyber risk and for developing strong cyber resilience.

    Please enquire below to find out more about ANCI’s Board Services.

    Contact Us

    +61 498 001 477

    Level 2, 1 Southbank Boulevard, Southbank, Australia, 3006

    Monday – Friday: 8 am – 5 pm

    By Email

    10 + 15 =