What is cybersecurity?

Abstract

This section of the Governance Toolkit covers issues of cybersecurity – what they are, how they may affect charities and what charities can do to reduce risks of cyberattacks.

Read the guide and then check your understanding by taking the assessment provided as a tool.

You do not need to submit this assessment to the ACNC – it is optional and designed to help you measure your understanding of the topic and identify areas for training or improvement.

Personal information and sensitive information are defined in the Privacy Act 1988 (Cth) (the Privacy Act):

Personal information is information or an opinion about an identified person (or a person that can reasonably be identified), regardless of whether the information or opinion is true or recorded in a material form.

Sensitive information is a subset of personal information and may include, for example, a person’s religious or philosophical beliefs, sexual orientation or health information.

For more on what constitutes personal information and sensitive information, see ‘Key concepts’ in the Australian Privacy Principles guidelines from the Office of the Australian Information Commissioner.

The Privacy Act has requirements for the way personal information and sensitive information are collected and stored. The Australian Privacy Principles guidelines has information about these requirements. Our guide to managing information and data also provides a good overview for charities.