Intelligence Brief — March 2026

Azure OpenAI vs. SOCI CIRMP:
7 Unmet Compliance Obligations

For Critical Infrastructure Entities Using Hosted AI Reasoning Services

If your organisation is a Responsible Entity (RE) under Australia's Security of Critical Infrastructure Act 2018 (SOCI Act), and you use Azure OpenAI, Amazon Bedrock, or any other hosted AI reasoning service, you almost certainly have unaddressed gaps in your Critical Infrastructure Risk Management Program (CIRMP).

The Blind Spot

Most CIRMPs were written before AI APIs became embedded in operational workflows. They cover traditional IT vendors, OT/SCADA suppliers, and physical security — but not AI reasoning services that now influence scheduling, anomaly detection, customer communications, and operational control logic.

1 Material Supplier Identification

CIRMP Rules, Part 2

REs must identify all suppliers whose disruption could materially impact availability, integrity, or confidentiality of a critical infrastructure asset.

❌ AI API providers are rarely listed as material suppliers, even though they are often a single point of failure for every function that calls them.

🧪 Test: Can your organisation operate its critical functions for 72 hours if your AI API provider returns HTTP 403 for all requests?

2 Foreign Interference Risk Assessment

CIRMP Rules, supply chain hazards

REs must assess risks from foreign ownership, control, or influence over their supply chain.

❌ Most hosted AI providers are US-headquartered, sit behind layered corporate and investor structures, and are bound by US export-control and sanctions law that can change their obligations to you without notice. Geopolitical risk is not theoretical.

🧪 Test: Do you know which foreign governments have investment stakes in your AI provider? Does your CIRMP account for a scenario where your provider is sanctioned or designated?

3 Operational Resilience — Failover

Section 30AH

REs must maintain operational resilience, including the ability to continue essential services during supply chain disruptions.

❌ Most AI integrations have no failover path: when the API stops answering, the dependent process stalls with it.

🧪 Test: If your primary AI API returns errors for 4 hours, does your system automatically degrade to a non-AI fallback? Is this failover tested quarterly?
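The failover this item asks for, as an added example that is not part of the brief: a circuit breaker that wraps the hosted-model call and degrades to a deterministic non-AI rule. After three consecutive failures (or a single 401/403, which is what an account suspension looks like and which no retry budget will fix) it stops sending requests to the provider, serves the fallback, and lets one probe through after a cooldown. The anomaly-classification task, the threshold in the fallback rule, the timings and the scripted provider outcomes are all assumptions; the clock is injected so the outage can be replayed offline.

```python
"""Circuit breaker that degrades an AI-dependent step to a non-AI fallback.

Added example for this brief, not code from the brief or from any provider
SDK. The classification task, the rule-based fallback, the thresholds and
the scripted provider outcomes are assumptions.
"""
import time
from dataclasses import dataclass
from typing import Callable, List, Tuple, Union


class ProviderError(Exception):
    """The hosted AI API failed; carries the HTTP status it returned."""

    def __init__(self, status: int):
        super().__init__(f"provider returned HTTP {status}")
        self.status = status


class CircuitBreaker:
    """closed -> open after `threshold` consecutive failures, or after one
    401/403 (auth/suspension: retrying will not help); open -> half-open once
    `cooldown_s` has elapsed, letting a single probe through. The clock is
    injectable so outages can be simulated without sleeping."""

    def __init__(self, threshold: int = 3, cooldown_s: float = 900.0,
                 fail_fast_statuses=(401, 403),
                 clock: Callable[[], float] = time.monotonic):
        self.threshold, self.cooldown_s = threshold, cooldown_s
        self.fail_fast, self.clock = set(fail_fast_statuses), clock
        self.state, self.failures, self.opened_at = "closed", 0, 0.0

    def call(self, primary: Callable[[], str],
             fallback: Callable[[], str]) -> Tuple[str, str]:
        """Return (label, source); source is 'primary' or 'fallback'."""
        if self.state == "open":
            if self.clock() - self.opened_at < self.cooldown_s:
                return fallback(), "fallback"   # provider not contacted at all
            self.state = "half-open"            # cooldown over: allow one probe
        try:
            label = primary()
        except ProviderError as exc:
            self.failures += 1
            if (self.state == "half-open" or exc.status in self.fail_fast
                    or self.failures >= self.threshold):
                self.state, self.opened_at = "open", self.clock()
            return fallback(), "fallback"
        self.state, self.failures = "closed", 0
        return label, "primary"


@dataclass
class Reading:
    sensor: str
    value: float


def rule_based_classify(r: Reading) -> str:
    """Deterministic non-AI fallback: a static threshold (assumed value)."""
    return "ALERT" if r.value > 85.0 else "NORMAL"


# One step = (seconds since start, reading, what the provider WOULD answer:
# a label string, or an int HTTP status meaning the request fails).
Step = Tuple[float, Reading, Union[str, int]]


def run_scenario(steps: List[Step], cooldown_s: float = 900.0):
    """Replay steps through a breaker on a fake clock.
    Returns ([(source, label), ...], requests actually sent, final state)."""
    now, sent, trace = [0.0], [0], []
    breaker = CircuitBreaker(cooldown_s=cooldown_s, clock=lambda: now[0])
    for t, reading, outcome in steps:
        now[0] = t

        def primary(outcome=outcome):       # stands in for the hosted model call
            sent[0] += 1
            if isinstance(outcome, int):
                raise ProviderError(outcome)
            return outcome

        label, source = breaker.call(primary, lambda r=reading: rule_based_classify(r))
        trace.append((source, label))
    return trace, sent[0], breaker.state


# Constructed sample data, not real telemetry. Sustained 5xx outage: three
# failures trip the breaker, later readings never reach the provider, and the
# first probe after the 900 s cooldown closes it again.
OUTAGE_STEPS: List[Step] = [
    (0, Reading("pump-7", 90.0), "ALERT"), (60, Reading("pump-7", 40.0), 503),
    (120, Reading("pump-7", 91.0), 503), (180, Reading("pump-7", 92.0), 503),
    (240, Reading("pump-7", 30.0), 503), (300, Reading("pump-7", 95.0), 503),
    (1200, Reading("pump-7", 96.0), "ALERT"),
]
# Account suspension: one 403 trips the breaker immediately.
SUSPENSION_STEPS: List[Step] = [
    (0, Reading("pump-7", 90.0), "ALERT"), (60, Reading("pump-7", 40.0), 403),
    (120, Reading("pump-7", 91.0), "ALERT"),
]

if __name__ == "__main__":
    for name, steps in (("outage", OUTAGE_STEPS), ("suspension", SUSPENSION_STEPS)):
        trace, sent, state = run_scenario(steps)
        print(name, trace, "requests sent:", sent, "breaker:", state)
```

Two things the replay makes visible that a policy statement does not: the fallback answers differ from what the model would have said (the rule is deliberately conservative), so the degraded mode needs its own acceptance criteria; and the breaker is what stops a suspended account from turning every call into a timeout-bound failure, which is the difference between "degraded" and "down" during the 4-hour window the test above asks about.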

4 Data Sovereignty & Transmission Transparency

Cross-border Data Flow

REs must understand where their data is stored, processed, and transmitted.

❌ AI API calls typically send operational data to inference endpoints outside Australia, and the region name on the resource is not the whole story. Azure OpenAI "Global" deployment types are permitted to run inference in any Azure region even when the resource sits in Australia East, and Amazon Bedrock cross-region inference can route requests to other regions within a geography. Residency is a property of the deployment type and routing configuration, not of the resource's home region.

🧪 Test: Can you produce a data flow diagram showing exactly which jurisdictions your AI API requests traverse?

5 Personnel Access Transparency

The "Personnel Filter"

REs must manage risks from personnel with access to critical systems.

❌ The provider's SRE and operations staff have broad access to the inference infrastructure, and you have little or no visibility into who holds production access, from where, or under what vetting.

🧪 Test: Does your AI provider disclose the geographic location and security clearance level of personnel with production access to your inference workloads?

6 Mandatory Cyber Incident Reporting Alignment

Incident Notification SLA

REs must report significant cyber security incidents within prescribed timeframes: under SOCI Act Part 2B, 12 hours for a critical incident (significant impact on the availability of the asset) and 72 hours for other incidents with a relevant impact, counted from when the entity becomes aware.

❌ A breach at your AI provider that affects your asset can be a reportable incident, but you may not hear about it for days. The statutory clock runs from when you become aware, so late provider notice does not by itself put you in breach; it does leave you responding late, with a thinner report and a longer window of undetected impact.

🧪 Test: Does your contract bind the provider to a notification SLA shorter than your SOCI reporting deadline? Is there an automated path from the provider's incident or status feed into your on-call and incident tooling, rather than reliance on someone reading an email?

7 Supply Chain Concentration Risk

Single Point of Failure

REs must avoid undue concentration of risk in their supply chain.

❌ Many organisations use a single AI provider across multiple critical functions.

🧪 Test: If your AI provider permanently exits the Australian market, what is your migration timeline? Is it documented and tested?

The "403 Forbidden" Lesson

On February 28, 2026, a major cloud provider unilaterally suspended a customer's account with no prior warning, returning HTTP 403 for all API requests. AI-dependent workflows were immediately disrupted.

Key takeaway: Unilateral account suspension is a feature, not a bug, of cloud provider terms of service. Your CIRMP must account for it.

What Should You Do?

  1. Audit your CIRMP for AI supply chain gaps using the 7 tests above.
  2. Map your AI dependencies to specific critical infrastructure assets.
  3. Establish failover paths for all AI-dependent critical functions.
  4. Negotiate contractual protections including incident notification SLAs.
  5. Test your resilience with quarterly AI supply chain disruption exercises.

Get a Free SOCI AI Risk Assessment →