The Australian Government is in a caretaker period ahead of an election on 18 May 2019. During this period, information on this website will be published in accordance with the Guidance on Caretaker Conventions.
Australian Government - Attorney-General's Department

Protective Security Policy Framework

Skip breadcrumbHome » About » News


What’s new in the Australian Government protective security policy?

12 November 2018

The new email protective marking standard (EPMS) has been released. The EPMS is Annex B to the PSPF policy: 8 Sensitive and classified information.

The EPMS will help ensure all Australian Government entities use a standardised format for protective markings on emails exchanged both in and between entities. Applying a standard format for protective markings supports processes and systems, such as an entity’s email gateway, to control the flow of information into and out of the entity. For message recipients it also identifies what handling protections are needed to safeguard the information. For more information see the new EPMS and the Security classification reforms fact sheet.

1 October 2018

It’s here! The new Protective Security Policy Framework (PSPF) commenced on 1 October 2018 to assist Australian Government entities protect their people, information and assets, at home and overseas. These significant reforms will improve clarity, reduce unnecessary ‘red tape’ and foster a strengthened security culture across government agencies.
The reforms address findings from the 2015 Independent Review of Whole-of-Government Internal Regulation and ensures the PSPF keeps pace with international best practice by:

  • building and maintaining a strong security culture that effectively engages with risk
  • addressing the threat of the malicious insider through improved personnel security, and
  • increasing the cyber security of government networks and information.

The reforms were developed by the Attorney-General’s Department in consultation with stakeholders across government and will apply to all non-corporate Commonwealth entities from today. Corporate Commonwealth entities and Commonwealth companies are encouraged to adopt the policy as best practice.

The PSPF is a living document and may be updated to reflect new and emerging issues, developments in protective security best practice and changes in Government policy. Significant changes will be noted on this page.



Supporting Resources