Skip to main content

The Administrative Arrangements Order of 3 August 2023 transferred responsibility for protective security policy, including the Protective Security Policy Framework, from the Attorney-General's Department to the Department of Home Affairs. These Machinery of Government (MOG) changes began on 4 August 2023.

The PSPF Reporting Portal will transfer to the Department of Home Affairs on 11 June 2024. Before 11 June 2024, all entities and users must set up new authentication credentials through VANguard. You can get more information by contacting the Government Protective Security Policy section at or the PSPF hotline on 02 5127 9999.

Policy amendments – security caveat changes

We have updated the PSPF policies and related materials to accommodate a new security caveat for ‘National Cabinet’ information and amendments to the REL caveat:

  • PSPF policy 8: Sensitive and classified information
  • Email Protective Marking Standard (Annex G of policy 8)
  • PSPF policy 9: Access to information
  • Australian Government Security Caveat Guidelines (available on GovTEAMS)
  • PSPF fact sheet – classification reforms

New NATIONAL CABINET security caveat

The Government Security Committee (GSC) agreed to introduce the 'NATIONAL CABINET' caveat to identify material which has been specifically prepared for National Cabinet, including by its subcommittees, which should be handled in accordance with Cabinet conventions, within legal frameworks and processes such as Freedom of Information, parliamentary inquiries and judicial processes. The Department of the Prime Minister and Cabinet is the controlling authority for this new caveat.

Uniquely, this caveat can be applied with either a security classification or information marked as OFFICIAL: Sensitive.

See the updated PSPF policy 8, Email Protective Marking Standard and Security Caveat Guidelines for further information.

Revised ICT security requirements for application of the 'REL' caveat

Releasability caveats limit access to information based on citizenship. GSC agreed to amend the electronic handling requirements of the 'REL - Releasable To' caveat to align with other releasibility caveats.

While the REL caveat can still be applied to PROTECTED information, it must now be handled on systems that enforce releasibility controls, that is SECRET and TOP SECRET systems. This change is limited to the electronic handling of classified information marked with the REL caveat. Standing arrangements for the physical protection of information marked with the REL caveat remain unchanged.

See the updated Security Caveat Guidelines for further information. The Australian Government Information Security Manual has also been amended to align with this change.