Australian Government - Attorney-General's Department

Protective
Security Policy
Framework

Achieving a Just and Secure Society

Skip breadcrumbHome » Governance » Protective security investigations

Protective security investigations

Non-corporate Commonwealth entities (agencies) need to identify and understand security risks in order to address security incidents and protect people, information and assets. A security investigation will establish the cause and extent of an incident that has, or could have, compromised the Australian Government. Through effective reporting and investigation of security incidents, entities can determine vulnerabilities and reduce the risk of future occurrence.

A security investigation should protect both the interests of the Australian Government and the rights of affected individuals. Entities are required to apply the principles of natural justice and procedural fairness to all security investigations.

Entities are required to consult with the Australian Federal Police (AFP), Australian Security Intelligence Organisation (ASIO) and/or Australian Signals Directorate (ASD) if the security incident is potentially serious.

GOV-8: Agencies must ensure investigators are appropriately trained and have in place procedures for reporting and investigating security incidents and taking corrective action, in accordance with the provisions of:

  • Australian Government protective security governance guidelines—Reporting incidents and conducting security investigations, and/or
  • The Australian Government Investigations Standards.

Procedures are to give due regard to ensuring the security integrity of any current or future investigation by the agency or that of another agency.

Agencies are to also report:

  • incidents suspected of constituting criminal offences to the appropriate law enforcement authority
  • incidents suspected of involving the compromise of information or assets classified at or above CONFIDENTIAL to ASIO
  • major ICT incidents to ASD
  • incidents involving the compromise of Cabinet material to the Cabinet Secretariat.

Reporting incidents and conducting security investigations guidelines

The Australian Government protective security governance guidelines—Reporting incidents and conducting security investigations aim to help non-corporate Commonwealth entities identify and address security incidents as part of the Australian Government’s protective security measures. They also detail a set of best practice standards in investigation methodology for security incidents.