The Protective Security Policy Framework (PSPF) sets out Australian Government policy across six security domains. It prescribes what Australian Government entities must do domestically and internationally to protect their:
- people
- information
- resources.
Application of the PSPF assures the government that entities are:
- implementing sound and responsible protective security practices
- identifying and mitigating security risks and vulnerabilities.
We review the PSPF annually to ensure it reflects the current threat environment and we consult with entities on proposed updates through the Government Security Committee. Each review cycle culminates with an annual release.
PSPF Release 2026
PSPF Release 2026 – List of Requirements
Overview
This spreadsheet details the mandatory requirements in PSPF Release 2026. It also includes the reporting question type assigned to each requirement.
Government personnel can access the Excel spreadsheet version on the Protective Security Policy GovTEAMS community.
PSPF Release 2026 – Summary of Changes
Overview
This document summarises the difference between PSPF Release 2025 and PSPF Release 2026.