Skip to content
arrow_back
E8-AC-ML2.10
search
E8-AC-ML2.10 bolt ASD Essential Eight

Report cyber security incidents to ASD quickly

Notify ASD promptly when cyber security incidents occur or are discovered.

Responsive ML2 Essential EightApplication controlincident reportinginformation sharing
record_voice_over

Plain language

If a cyber security incident happens, like hackers trying to break into your business systems, it's crucial to let the Australian Signals Directorate (ASD) know about it as soon as possible. This helps protect not only your business but also others by allowing ASD to provide guidance and possibly stop further attacks.

Framework

ASD Essential Eight

Control effect

Responsive

E8 mitigation strategy

Application control

Classifications

N/A

Official last update

N/A

Control Stack last updated

19 Mar 2026

E8 maturity levels

ML2

Official control statement

Cyber security incidents are reported to ASD as soon as possible after they occur or are discovered.
bolt ASD Essential Eight E8-AC-ML2.10
priority_high

Why it matters

Delaying incident reports to ASD can slow threat correlation and response, increasing the chance of ongoing compromise and broader harm.

settings

Operational notes

Document when to notify ASD, keep ASD contact details current, and rehearse the reporting workflow so incidents are reported as soon as discovered.

build

Implementation tips

  • Business owner: Set up a clear process for when and how to report incidents to the ASD, including who is responsible for making the report.
  • IT manager: Ensure the IT team knows about the ASD reporting requirements and include them in the company's incident response plan.
  • Security officer: Regularly train staff on recognising cyber incidents and the importance of reporting them quickly.
  • System administrator: Monitor systems for suspicious activity and prepare draft incident reports ready for quick submission to the ASD.
fact_check

Audit / evidence tips

  • AskDoes the organisation have a procedure for reporting cyber incidents to the ASD?
  • GoodThe plan includes clear instructions to report incidents to the ASD as soon as they're detected
  • AskHas the staff been trained on reporting incidents to the ASD?
  • GoodStaff training sessions include information on identifying incidents and reporting them to ASD
link

Cross-framework mappings

How E8-AC-ML2.10 relates to controls across ISO/IEC 27001, ISO/IEC 42001, Essential Eight, and ASD ISM.

ASD ISM

Control Notes Details
sync_alt Partially overlaps (1) expand_less
ISM-0142 ISM-0142 requires organisations to report compromise or suspected compromise of cryptographic equipment or associated keying material to ...
handshake Supports (1) expand_less
ISM-0043 E8-AC-ML2.10 requires timely reporting of cyber security incidents to ASD after occurrence or discovery
link Related (1) expand_less
ISM-0140 E8-AC-ML2.10 requires cyber security incidents to be reported to ASD as soon as possible after they occur or are discovered

These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.

Mapping detail

Mapping

Direction

Controls