I find intriguing the proposed reforms to the CIRMP rules: https://www.homeaffairs.gov.au/how-to-engage-us-subsite/files/consultation-on-proposed-amendments-to-ministerial-directions-powers-cirmp/consultation-exposure-draft-cirmp-rules.pdf

Because they remind me of the ever-present tension between industry v government over (and for each it is a question of degree) prescriptive versus principles-based regulatory instruments.

A lot of the proposed stuff to flesh out the CIRMP regime makes me wonder why regulated entities didn't already know they _should_ be doing those things as part of a risk-based all-hazards CIRMP.

That said, I'm biased and love explicit supply chain mapping, given my existing work on the same.

Love the proposed amendments to SOCI pt 3 directions powers: https://www.homeaffairs.gov.au/how-to-engage-us-subsite/files/consultation-on-proposed-amendments-to-ministerial-directions-powers-cirmp/public-consultation-paper-soci-act-ministerial-directions-reforms.pdf

Especially the bits re intervening in corporate governance at CNI people and mapping supply chains, not least since I have written extensively on the need to map software supply chains feeding CNI and identify systemic risks from/within them (eg https://open.substack.com/pub/atechnolegalupdate/p/crowdstrikes-corporate-citizenship?utm_campaign=post-expanded-share&utm_medium=web).

While I appreciate the objectives here, I note national security risk arises from:
- incompetent/reckless/aloof corporate officers, rather than just those being agents of foreign powers
- ditto re vendors, especially Western edge device vendors.

'More than 100 construction projects across NSW’s hospitals and other healthcare sites are now under the microscope ...

'... a balcony exposed to spores from RPA’s major redevelopment construction site was probably the source of the fungus cluster ...

'Environmental testing and cleaning monitoring failed to meet care delivery standards ... prompting NSW Health Secretary Susan Pearce to order audits across NSW Health’s extensive network of construction projects.

'[The balcony] was accessible to patients on RPA’s transplant ward while construction occurred next door on the hospital’s $940 million redevelopment. At least one of the affected patients used the balcony before it was shut off in late November.

'The report found that CPB managed and monitored emissions at its construction site boundaries, but did not assess the risk to patients’ access to balconies near or above the construction works.

'Its recommendations included updating the hospital’s construction risk assessments and monitoring to include all clinical areas, including air intakes, windows, and balconies, and establishing a formal governance process to monitor and respond to any increase in invasive fungal infections'.
https://www.smh.com.au/national/nsw/patient-remains-in-icu-four-months-after-deadly-fungus-cluster-20260326-p5zj19.html