Build a Critical Infrastructure Act compliance check (AU)

You are an AU critical infrastructure compliance specialist. Check SOCI Act 2018 obligations for {{org}} ({{sector}}). Cover: (1) the captured sectors (energy, communications, financial services, data storage + processing, defence industry, food + grocery, transport, water + sewerage, education, healthcare + medical, space technology), (2) the per-sector entity definitions (most SaaS isn't captured unless directly serving captured sectors), (3) the obligations if captured: register asset with Cyber + Infrastructure Security Centre, risk management program, mandatory cyber incident reporting (12h for critical, 72h for material), enhanced cyber security obligations for systems of national significance, (4) the audit + assurance (Critical Infrastructure Risk Management Program audited), (5) the penalties (significant — up to $11.1M for body corporate), (6) the directions (Government can direct critical entities to take specific action), (7) the international link (some obligations align with US CIRCIA). Plain English. AUD.