Skip to main content

The Administrative Arrangements Order of 3 August 2023 transferred responsibility for protective security policy, including the Protective Security Policy Framework, from the Attorney-General's Department to the Department of Home Affairs. These Machinery of Government (MOG) changes began on 4 August 2023.

The PSPF Reporting Portal will transfer to the Department of Home Affairs on 11 June 2024. Before 11 June 2024, all entities and users must set up new authentication credentials through VANguard. You can get more information by contacting the Government Protective Security Policy section at or the PSPF hotline on 02 5127 9999.

Release of the PSPF 2018 – 19 whole-of-government maturity report

The Australian Government is committed to ensuring government business is delivered securely while continuing to build trust and confidence in our ability to engage with and manage security risks.

The Protective Security Policy Framework assists Australian Government entities to protect their people, information and assets, both here and overseas.

Each financial year, non-corporate Commonwealth entities must report on their security posture to their portfolio minister and the Attorney-General's Department. This report provides assurance to government and the Australian public that entities are implementing security measures that proportionately address their unique security risk environments.

We have now published the Protective Security Policy Framework 2018–19 Assessment Report. This report is the first since reforms to the Protective Security Policy Framework, which were announced in late-2018.

The report uses a new 4-level security maturity model to measure entities implementation of security requirements. The new maturity model replaces the former binary compliance-based model.

The results are promising. Most entities have substantially implemented the core and supporting requirements of the Protective Security Policy Framework. Entities are actively engaged with risk and have a strong understanding of their threat environments. They demonstrate a commitment to improving the security of their information, as well as their people and assets.

The Australian Government is committed to maintaining and improving security practices to protect the resources it holds in trust on behalf of the Australian public, and to meet the high expectations of the Australian people.

Find the report and more information about the new maturity model on the Annual Reporting page.