Skip to content
ACSC Essential Eight aligned

ACSC Essential Eight aligned training evidence for Australian businesses.

Meet Essential Eight, Privacy Act 1988, and cyber insurance compliance requirements with documented proof your staff are trained. One platform, one annual fee, zero complexity.

Australian regulators and insurers expect documented evidence that your team has completed security awareness training. Cyber Learning Hub gives you that evidence—ready for auditors, brokers, and assessors.

  • Essential Eight aligned training evidence
  • Privacy Act 1988 reasonable steps documentation
  • Cyber insurance application and renewal support
  • PDF + CSV evidence pack for auditors and brokers
Try the demo free See AU pricing From $599 AUD/year

Compliance Evidence Snapshot

Essential Eight alignment Documented
Training completions 94%
Phishing baseline 82%

Framework

Essential 8

Avg. score

87%

Period

2025–26

Evidence

PDF + CSV

Compliance alignment

Built for Australian compliance

From Essential Eight to the Privacy Act—we help you meet Australian cyber compliance requirements with confidence.

ACSC Essential Eight alignment

The ACSC recommends security awareness training as a foundational control supporting multiple Essential Eight strategies. Our training module and phishing baseline provide documented evidence of user awareness maturity.

Privacy Act 1988 support

The Privacy Act requires organisations to take reasonable steps to protect personal information (APP 11). Documented security awareness training is one of those reasonable steps. Your evidence pack provides date-stamped proof of compliance.

Australian cyber insurance evidence

Australian cyber insurers increasingly require evidence of staff security awareness training. The PDF summary and CSV register answer the most common training-related questions on insurance applications and renewals.

Annual refresh for ongoing compliance

Australian regulatory expectations are evolving—Privacy Act amendments, APRA CPS 234 for regulated entities, and tightening insurer requirements. Annual training keeps your business current and your evidence fresh.

What your evidence pack includes

  • PDF summary report

    Date-stamped, branded overview with all key metrics.

  • CSV training register

    Per-employee completion dates, scores, and status.

  • Phishing baseline results

    Aggregate phishing simulation scores for your team.

  • Essential Eight aligned documentation

    Evidence mapped to ACSC security awareness expectations.

  • Coverage period timestamp

    Proof that training is current and within the compliance period.

See what you get

Preview the evidence pack

Three deliverables you can hand directly to your compliance assessor, insurer, or broker.

Training register

CSV export with employee name, completion date, quiz score, and pass/fail status for every team member. Ready for Essential Eight assessments.

training_register.csv
Name, Date, Score, Status
J. Smith, 2025-07-12, 90%, Pass
A. Nguyen, 2025-07-13, 85%, Pass
M. O'Brien, 2025-07-13, 70%, Pass

Phishing baseline summary

Aggregate results from your team's simulated phishing test. Evidence Australian regulators and insurers increasingly expect to see.

Emails sent 50
Reported correctly 41 (82%)
Clicked link 7 (14%)
No action 2 (4%)

Compliance snapshot (PDF)

A branded, date-stamped PDF summary designed to support Essential Eight assessments, Privacy Act compliance, and cyber insurance applications.

evidence_pack_2025_au.pdf
Training completion 94%
Avg. quiz score 87%
Phishing baseline 82%
Coverage period 2025–26
Compliance questions

Compliance FAQ

How does this align with the ACSC Essential Eight?

The ACSC recommends security awareness training as a foundational control that supports multiple Essential Eight strategies. Our training module covers the core topics the ACSC expects staff to understand, and the phishing baseline provides measurable evidence of user awareness. The evidence pack documents your training in a format suitable for Essential Eight maturity assessments.

Does this help with Privacy Act 1988 obligations?

Yes. The Privacy Act 1988 requires organisations to take reasonable steps to protect personal information (Australian Privacy Principle 11). Documented security awareness training is widely recognised as one of those reasonable steps. Your evidence pack provides a date-stamped record of training completion, quiz results, and phishing awareness scores—demonstrating that your business has taken proactive measures to reduce human-related data breach risk.

Is this accepted by Australian cyber insurers?

Australian cyber insurers increasingly require evidence of staff security awareness training during applications and renewals. The PDF summary and CSV register answer the most common training-related questions: completion rates, quiz scores, phishing test results, and date-stamped proof that training occurred within the policy period. This documentation can support better coverage terms and smoother claims.

What format is the evidence pack in?

The evidence pack includes two deliverables: a branded PDF summary report with all key compliance metrics (completion rates, quiz scores, phishing baseline results, and coverage period), and a CSV training register with per-employee data including completion dates, individual scores, and pass/fail statuses. Both formats are designed to be attached directly to compliance assessments, insurance applications, and audit requests.

Can I share the evidence with my broker or auditor?

Absolutely. The evidence pack is specifically designed to be shared with brokers, auditors, insurers, and compliance assessors. The PDF summary provides a clean, professional overview, while the CSV register gives detailed per-employee data. Both files can be forwarded directly or attached to assessment submissions.

What our customers say

Trusted by Australian businesses

“We needed evidence of staff training for our Essential Eight compliance review. Cyber Learning Hub made it simple — the evidence pack was exactly what our auditor wanted.”

Sarah M.

Operations Manager, 45-person accounting firm, Sydney

Related reading
Insurance

Cyber Insurance Application Checklist

Everything you need to prepare before your next application.

 Compliance

Security Training Compliance Requirements

Understanding mandatory training requirements for your business.

 Compliance

NIST Cybersecurity Framework for Small Business

A practical guide to implementing the NIST framework.

 Compliance

Breach Notification Requirements

What you're legally required to do after a data breach.

Ready to get your compliance evidence in order?

Train your team, meet Essential Eight requirements, and satisfy your insurer — all in under a week.

Try the demo free Get started — $599 AUD/yr

30-day money-back guarantee. No lock-in contracts.