Australian Government - Attorney-General's Department

Protective Security Policy Framework

Skip breadcrumbHome » Personnel » Eligibility and suitability of personnel

12 Eligibility and suitability of personnel

Purpose

This policy details the pre-employment screening processes and standardised vetting practices to be undertaken when employing personnel and contractors.

These processes provide a high-quality and consistent approach to managing personnel eligibility and suitability risk across government.

Requirements

Core requirement

The core PSPF requirement for the eligibility and suitability of personnel states:

Each entity must ensure the eligibility and suitability of its personnel who have access to Australian Government resources (people, information and assets).

Entities must use the Australian Government Security Vetting Agency (AGSVA) to conduct vetting, or where authorised conduct security vetting, in a manner consistent with the Personnel Security Vetting Standards.

Pre-employment screening is the primary activity used to mitigate an entity's personnel security risk. Entities may use security clearances where they need additional assurance of the suitability and integrity of personnel. This could be for access to security classified information, or to provide greater assurance for designated positions.

Supporting requirements

The supporting requirements clarify conditions for pre-employment screening and security clearances. This includes outlining the respective responsibilities of sponsoring entities and authorised vetting agencies in relation to security clearances.

Supporting requirements for eligibility and suitability of personnel

#

Supporting requirements

Requirement 1.
Pre-employment screening

Entities must undertake pre-employment screening, including:

  1. verifying a person's identity using the Document Verification Service
  2. confirming a person's eligibility to work in Australia
  3. obtaining assurance of a person's suitability to access Australian Government resources, including their agreement to comply with the government's policies, standards, protocols and guidelines that safeguard resources from harm.

Requirement 2.
Security clearances

Entities must:

  1. identify and record positions that require a security clearance and the level of clearance required
  2. ensure each person working in an identified position has a valid security clearance issued by an authorised vetting agency
  3. before seeking a security clearance, confirm that the person meets pre-employment screening requirementsNote i and is an Australian citizen
  4. if the person is not an Australian citizen and has a valid visa with work rights provide the authorised vetting agency with an eligibility waiver by:
    1. establishing an exceptional business requirement and conducting a risk assessment
    2. asking the accountable authorityto consider and accept the risk of waiving the citizenship requirementNote ii
  5. if the authorised vetting agency assesses that the person has an uncheckable background, provide the vetting agency with an eligibility waiver by:
    1. establishing an exceptional business requirement and conducting a risk assessment (including seeking the advice of the vetting agency)
    2. asking the accountable authority to consider and accept the risk of waiving the checkable background requirement. .Note iii

Requirement 3.
Personnel security vetting standard

Authorised vetting agencies must:

  1. only issue a security clearance where the clearance is sponsored by an Australian Government entity or otherwise authorised by the Australian Government
  2. seek informed consent from the clearance subject to collect, use and disclose their personal information for the purposes of assessing and managing their eligibility and suitability to hold a security clearance
  3. assess the clearance subject's suitability to hold a security clearance by:
    1. considering their integrity (ie the character traits of maturity, trustworthiness, honesty, resilience, tolerance and loyalty) in accordance with the Personnel Security Adjudicative Guidelines (at Annex A)
    2. conducting minimum personnel security checks for a security clearance outlined below
    3. resolving any doubt in the national interest.

 

Minimum personnel security checks

Check

Security Clearance Level

Baseline Vetting

Negative Vetting 1

Negative Vetting 2

Positive Vetting

Verification of identity

✓Check required.

✓Check required.

✓Check required.

✓Check required.

Entities must verify the person's identification documents with the issuing authority by using the Document Verification Service for Australian issued primary identification documents.

Confirmation of Australian citizenship and status of any other citizenships

✓Check required.

✓Check required.

✓Check required.

✓Check required.

Background check

✓Check required, 5 years.

✓Check required, 10 years.

✓Check required, 10 years.

✓ Check required, greater of 10 years or from the age of 16.

Official secrets declaration

✓Check required.

✓Check required.

✓Check required.

✓Check required.

Statutory declaration

✓Check required.

✓Check required.

✓Check required.

✓Check required.

Referee checks

✓Check required.

✓Check required.

✓Check required.

✓Check required.

Digital footprint check

✓Check required.

✓Check required.

✓Check required.

✓Check required.

National police check

✓Check required, no exclusion.

✓Check required, full exclusion.

✓Check required, full exclusion.

✓Check required, full exclusion.

Financial history check

✓Check required.

✓Check required.

✓Check required.

✓Check required.

Financial statement

 Not applicable, check not required.

✓Check required.

✓Check required.

✓Check and supporting documents required.

Financial probity check

 Not applicable, check not required.

 Not applicable, check not required.

 Not applicable, check not required.

✓Check required.

ASIO assessment

 Not applicable, check not required.

✓Check required.

✓Check required.

✓Check required.

Security interview

 Not applicable, check not required.

 Not applicable, check not required.

✓Check required.

✓Check required.

Psychological assessment

 Not applicable, check not required.

 Not applicable, check not required.

 Not applicable, check not required.

✓Check required.

 

  1. if a clearance subject has an uncheckable background:
    1. provide the sponsoring entity with information to inform a risk assessment
    2. only issue a clearance if the accountable authority waives the checkable background requirement (see Requirement 2e)
  2. if security concerns are identified during the vetting or security assessment process that are not sufficient to deny a security clearance, and the related risks can be managed through conditions attached to the security clearance:
    1. identify the conditions and any specific clearance maintenance requirements
    2. provide the sponsoring entity with information about the security concerns to inform a risk assessment
    3. only issue a conditional clearance if the accountable authority and the clearance subject accept the clearance conditions
  3. if any other relevant information of security concern is identified during the vetting process, provide the sponsoring entity with information to inform a risk assessment when advising them of the outcome of the security vetting process
  4. without compromising the national interest, apply the rules of procedural fairness to security clearance decisions that are adverse to a clearance subject, including decisions to deny a security clearance (including grant lower level) or grant a conditional security clearance,Note iv and
  5. ensure all vetting personnel attain and maintain the required skills and competencies for their role.

Supporting requirements notes:

iAn exception applies for entities authorised as vetting agencies.

iiThe accountable authority may delegate this decision to the Chief Security Officer.

iiiThe accountable authority may delegate this decision to the Chief Security Officer.

iv Separate arrangements ensure procedural fairness and national security are preserved where denial of a clearance is based on an ASIO security assessment.


Back to top

Requirement 1 applies to all personnel; this includes security cleared and non-security cleared personnel, contractors and others who will have access to Australian Government resources. Requirements 2 and 3 apply to security cleared personnel only.

Guidance

Pre-employment screening

Pre-employment screening includes:

  1. mandatory and recommended pre-employment checks applied to provide a level of assurance about the individual's suitability to access Australian Government resources
  2. entity-specific checks to mitigate security threats applicable to the entity that are not addressed by minimum pre-employment screening.

The Attorney-General's Department recommends that entities conduct and finalise pre-employment and entity-specific screening after the conclusion of the merit selection process but prior to an offer of employment or contract. Where checks are not completed prior to engagement, it is recommended that entities make the employment or contract conditional on satisfying the required checks within a reasonable timeframe.

Completing screening prior to engagement is particularly important for positions that have been identified as requiring a security clearance. If an individual is found to be unsuitable as part of the pre-employment and entity-specific screening, entities must not seek a security clearance for the individual (see Requirement 2c).

Individuals cannot obtain a security clearance unless they are expected to be engaged in a role requiring a security clearance. Therefore, it is not reasonable to expect an individual to hold a security clearance prior to being selected for a designated role. Selection based on existing clearance status is not merit based and may be contrary to an entity's enabling legislation. Entities that are legislatively required to make employment decisions in accordance with the merit principle cannot discriminate against individuals who do not hold a current security clearance where they indicate a willingness and ability to gain a clearance prior to engagement.

For entities authorised as vetting agencies, pre-employment screening may be conducted concurrently with security vetting to permit streamlined engagement of personnel. The Attorney-General's Department recommends that entities conducting concurrent pre-employment screening and security vetting record determinations against the criteria identifying whether a decision relates to an employment screening threshold or a security clearance threshold.

For personnel transferring within the Australian Government, some pre-employment screening checks may have already been conducted. The Attorney-General's Department recommends confirming if checks have already been undertaken by the losing entity. Additional checks can be done to meet the specific entity employment requirements of the gaining entity or if the check needs to be revalidated (see the PSPF policy: Separating personnel).

Table 1 describes the mandatory pre-employment screening checks outlined in Requirements 1a and 1b.

Table 1 Mandatory pre-employment screening checks

Screening check

Rationale

Identity check

An identity check helps to establish confidence in a person's identity and provides entities with a level of assurance about the prospective employee.

The Attorney-General's Department recommends that the identity of all new personnel be verified to at least Level of Assurance 3 of the National Identity Proofing Guidelines.

Level of Assurance 3 checks include:

  1. the uniqueness of the identity in the intended context
  2. the claimed identity is legitimate
  3. the operation of the identity in the community over time
  4. the linkage between the identity and the person claiming the identity
  5. the identity is not known to be used fraudulently.

The core PSPF requirement for eligibility and suitability of personnel mandates that entities verify the person's identification documents with the issuing authority by using the Document Verification Service for the Australian issued primary identification documents.

Eligibility to work in Australia

This check confirms whether a person is eligible to work in Australia. This requires confirming that a person holds Australian citizenship , or if the person is not an Australian citizen, confirming that they have a valid work visa. For information see the Migration Act 1958.

Further eligibility conditions, including requirements relating to Australian citizenship, are covered in the Public Service Act 1999 and in the enabling legislation of many entities.

Information on how to confirm Australian citizenship and verify visas is available on the Department of Home Affairs website.

Back to top

Table 2 details the recommended pre-employment checks that may assist entities to assess a person's suitability, in accordance with Requirement 1c. The Attorney-General's Department recommends that entities undertake pre-employment screening to Australian Standard AS 4811-Employment Screening.

Table 2 Recommended pre-employment screening checks

Screening check

Rationale

Integrity & reliability checks

Employment history check

An employment history check identifies whether there are unexplained gaps or anomalies in employment. A person might not disclose periods of employment if they have had their employment terminated or anticipate an adverse referee report. A history of short periods of employment may indicate poor reliability.

Employment history information may be available from human resources areas of large employers. Alternatively, referees checks or other previous employers may provide corroborating evidence.

The Attorney-General's Department recommends checking the employment history of all new personnel for a period of at least 5 years, where applicable.

Residential history check

A residential history check helps to substantiate the person's identity in the community. All personnel need to provide supporting evidence of their current permanent residential address.

The Attorney-General's Department recommends checking residential history for all new personnel for a period of at least 5 years. It is recommended that entities make an assessment of whether the person's explanation about periods of residency for which they cannot provide supporting documents is reasonable.

Referee checks

A referee check helps entities engage people of the appropriate quality, suitability and integrity.

The Attorney-General's Department recommends conducting professional referee checks covering a period of at least the last 3 months.

A referee check may address:

  1. any substantiated complaints about the person's behaviour
  2. information about any action, investigation or inquiry concerning the person's character, competence or conduct
  3. any security related factors that might reflect on the person's integrity and reliability.

National police check

A national police check, commonly referred to as a criminal history or police records check, involves processing an individual's biographic details (such as name and date of birth) to determine if the name of that individual matches any others who may have previous criminal convictions. It is important that entities conducting a national police check are clear about what convictions would preclude a person from employment.

The Spent Convictions Scheme outlined in Part VIIC of the Crimes Act 1914,requires that entities request a 'no exclusion' national police check, unless the entity is covered by an exclusion under the Act.

A Commonwealth 'no exclusion' national police check provides a record of Commonwealth convictions for the preceding 10 years, or until there is a gap of 10 years between convictions, whichever is the longer. However, convictions reported by each state or territory will depend on their relevant spent convictions schemes.

For information, see the Australian Federal Police (AFP) website National Police Checks and the Office of the Australian Information Commissioner Spent Conviction Scheme Fact Sheet.

Credit history check

A credit history check establishes whether the person has a history of financial defaults, is in a difficult financial situation, or if there are concerns about the person's finances.

The Attorney-General's Department recommends checking a person's credit history. A credit history check may be requested from an accredited financial credit check organisation. A number of private organisations can provide credit history checks on a fee-for-service basis.

Qualification check

A qualification check verifies a person's qualifications with the issuing authority.

The Attorney-General's Department recommends verifying declared academic qualifications with the issuing authorities, including universities, technical colleges or schools, as well as any professional associations or memberships that are required.

Conflict-of-interest check

A conflict-of-interest declaration identifies conflicts, real or perceived, between a person's employment and their private, professional or business interests that could improperly influence the performance of their official duties and thus their ability to safeguard Australian Government resources. A conflict can be brought by (and not limited to) financial particulars, secondary employment and associations.

The Attorney-General's Department recommends that entities have a conflict-of-interest policy, that guides staff on what could be perceived as a conflict of interest and when and how to report a conflict. Based on their risk assessment, entities are encouraged to consider whether all personnel, not just contractors, complete a conflict-of-interest declaration. For advice, see the APSC publication Conflicts of interest.

Entity specific checks

The Attorney-General's Department recommends entities identify checks needed to mitigate additional entity personnel security risks where not addressed by the recommended minimum pre-employment screening checks. Additional screening checks are entity specific and are separate from the security clearance process. The Attorney-General's Department recommends entities seek separate advice from the Australian Public Service Commission, the Australian Human Rights Commission or independent legal advice about the suitability and use of any proposed entity specific checks. Some examples of entity specific checks include drug and alcohol testing, detailed financial probity checks and psychological assessments. For advice, see the APSC publication Conditions of engagement.

Back to top

Privacy and confidentiality

Pre-employment screening checks, including related security clearance vetting and ongoing suitability checks, are conducted in accordance with the Australian Privacy Principles. The Attorney-General's Department recommends obtaining informed consent from all personnel to collect, use and disclose personal information (including sensitive information) for the purposes of assessing and reviewing their eligibility and suitability for employment. The Attorney-General's Department recommends entities include a privacy statement in their recruitment and pre-employment paperwork detailing how personal information (including sensitive information) will be collected, used and disclosed, and obtain consent from all personnel to allow the entity to:

  1. collect personal information, including sensitive information, from other entities or private organisations
  2. disclose personal information, including sensitive information, with other entities when determining initial or continuing suitability to access official resources
  3. use personal information, including sensitive information, to determine a person's ongoing suitability to access Australian Government resources
  4. transfer information to another entity when personnel transfer.

As part of the pre-employment screening, entities are also encouraged to obtain both:

  1. a statutory declaration stating all information provided is truthful and complete
  2. a signed agreement to confirm their undertaking to safeguard Australian Government resources, including reference to compliance with relevant legislation and policies.

In addition to common confidentiality requirements and secrecy provisions under the Crimes Act 1914 and the Criminal Code Act 1995, entities are encouraged to advise all personnel of any entity-specific legislative requirements.

Back to top

Security clearances

Identify and record positions that require a security clearance

Personnel in certain positions may require a security clearance to access particular Australian Government resources (people, information and assets) relevant to their position. In accordance with an entity's physical and information security profile (see the PSPF policy: Security planning and risk management), this may include access to specific areas of an entity's facilities or specific ICT systems. An entity may also identify positions for which a security clearance is required, in addition to pre-employment screening and entity-specific checks, to provide a higher level of assurance about an individual's integrity. This may be appropriate for positions where:

  1. the occupant will have access to aggregations of information or assets
  2. the nature of the role requires greater assurance about the person's integrity, for example as a fraud mitigation or anti-corruption measure.

Requirement 2 mandates that entities identify and record positions that require a security clearance and the level of clearance required. The Attorney-General's Department recommends that entities keep a register identifying:

  1. positions that require a security clearance for ongoing access to Australian Government resources
  2. positions that require a security clearance as a higher level assurance of personnel suitability
  3. when the requirement for a security clearance will be assessed (at least each time the position becomes vacant and before it is advertised).

The PSPF policy: Access to information provides information on the exemption from holding a security clearance for certain Australian public office holders accessing classified information. This exemption does not apply to staff of public office holders.

Special Minister of State Determination 2012/1 provides that staff of ministers employed under Part III of the Parliament (Staff) Act 1984 obtain and maintain a Negative Vetting 2 security clearance. This determination permits variation in certain circumstances for electorate officers, see Annex B.

Eligibility for a security clearance

To be eligible for an Australian Government security clearance, an individual must be an Australian citizen and have a checkable background (see Requirement 2). A clearance subject has an uncheckable background when the vetting agency cannot complete the minimum checks and inquiries for the required period, or the checks and inquiries made do not provide adequate assurance about the clearance subject's life or background. In these circumstances, and if no checkable background eligibility waiver is in place from the sponsoring entity, the vetting agency will deny the request for a clearance.

In accordance with Requirements 2d and 2e, an accountable authority may waive the citizenship or checkable background requirements for a security clearance if there is an exceptional business requirement and after conducting a risk assessment.1 Where an eligibility waiver has been issued, the vetting agency can still deny a security clearance if there are significant concerns about the clearance subject's suitability to hold the clearance that cannot be mitigated (see Requirement 3). This includes concerns relating to the eligibility condition that was waived.

The risk assessment for a citizenship or checkable background waiver is based on a specific position and entity. As such, security clearances granted on the basis of a citizenship or checkable background waiver cannot be transferred to a new position or entity unless the exceptional business requirement and risk assessment provisions are undertaken and accepted for the new position or entity.

Where the accountable authority has waived the citizenship or checkable background requirements for any security clearances sponsored by the entity, the number of personnel in the entity with active waivers and the type of waivers are reportable under the PSPF policy: Reporting on security.

Exceptional business requirement

The Attorney-General's Department recommends that the accountable authority consider the following when establishing an exceptional business requirement.

  1. whether the role is critical to meeting the sponsoring entity's outcomes
  2. whether the role can be performed by a person who meets the eligibility requirements (ie is there another person capable of performing the role who is an Australian citizen and/or has a checkable background)
  3. whether the role can be redesigned, so that the access to classified information or resources is restricted to personnel who already hold or are eligible to hold the appropriate security clearance.

The Attorney-General's Department recommends that eligibility for a security clearance be included as a condition of employment in all recruitment actions relating to positions identified as requiring a security clearance.

Back to top

Risk assessment

Entities must conduct security risk management in accordance with the PSPF policy: Role of accountable authority. When conducting a risk assessment for an eligibility waiver, the Attorney-General's Department recommends the accountable authority also consider the following:

  1. potential conflicts of interest
  2. advice from the authorised vetting agency and ASIO, including:
    1. for uncheckable backgrounds, details of the security concerns associated with the subject's uncheckable background and assessment of the impact of this uncheckable period against the whole-of-person assessment
    2. for all waivers, any known concerns about the clearance subject
    3. any threat assessments from ASIO on the clearance subject's country(ies) of citizenship or the country(ies) that give rise to issues of uncheckability
    4. consultation with third parties whose resources (information, assets or personnel) may be accessed by the clearance subject and especially the originating or controlling entity of any TOP SECRET resources and any foreign entities
  3. for citizenship waivers:
    1. details of the clearance subject's visa status and whether they are actively seeking Australian citizenship, or plan to
    2. the sponsoring entity's plan to ensure the clearance subject does not access caveated AUSTEO information
    3. any threat assessments from ASIO on the clearance subject's country(ies) of citizenship or the country(ies) that give rise to issues of uncheckability
    4. consultation with third parties whose resources (information, assets or personnel) may be accessed by the clearance subject, and especially the originating or controlling entity of any TOP SECRET resources and any foreign entities
  4. the period covered by the waiver
  5. proposed risk mitigations, including any conditions placed on the clearance holder subject to the waiver.

Recognising existing security clearances

Where an individual holds, or has previously held, a security clearance issued by an authorised vetting agency2 at the level required for the identified position (or higher), an entity may assume sponsorship of that security clearance. The Attorney-General's Department recommends that prior to seeking a new security clearance, sponsoring entities identify whether the clearance subject already holds, or has previously held, a security clearance, and advise the authorised vetting agency accordingly. The vetting agency will confirm the clearance details with the granting agency, obtain the clearance subject's personal security file and record the new sponsorship of the security clearance on the file.

A security clearance held by the clearance subject cannot be recognised if:

  1. the clearance has expired due to the period since the clearance being granted (or last revalidated) exceeding:
    1. for Baseline clearances, 15 years
    2. for Negative Vetting Level 1, 10 years
    3. for Negative Vetting Level 2, seven years
    4. for Positive Vetting, seven years (the Sensitive Material Security Management Protocol – Personnel Security – Positive Vetting Guidelines (SMSMP-PVG) also requires an annual security appraisal to have been completed within the last two years, the SMSMP-PVG is available to entity security advisors)
  2. the vetting agency has concerns that the incoming clearance subject is no longer suitable to access Australian Government security classified resources at that clearance level
  3. the clearance was granted on the basis of an eligibility (citizenship or background) waiver
  4. the clearance was granted subject to specific clearance maintenance requirements
  5. the clearance has ceased.

If a clearance is subject to an eligibility waiver or specific clearance maintenance requirements, the vetting agency will advise the gaining sponsoring entity. For clearances subject to an eligibility waiver, the gaining sponsoring entity will accept and undertake the exceptional business requirement and risk assessment provisions in accordance with Requirements 2d and 2e, prior to requesting transfer of sponsorship. For clearances subject to specific clearance maintenance requirements, the gaining sponsoring entity will need to accept the clearance conditions.

Back to top

Clearance status

The definitions in Table 3 describe the status of a security clearance.

Table 3 Security clearance status

Clearance status

Definition

Active

A maintained security clearance that is:

  1. sponsored by an Australian Government entity, and
  2. being maintained by a clearance holder and sponsoring entity.

Inactive

A security clearance that is within the revalidation period, however, the clearance is:

  1. not sponsored by an Australian Government entity, or
  2. not being maintained by the clearance holder for a period greater than six months due to long term absence from their role (eg maternity leave, extended leave without pay).

For Positive Vetting clearances, the SMSMP-PVG requires an annual security check to have been completed within the last two years.

Expired

A security clearance that is:

  1. outside the revalidation period, or
  2. a positive Vetting clearance and an annual security check has not been completed within the last two years.

It is not possible to request sponsorship of an expired clearance. If an Australian Government entity requests sponsorship after the end of the revalidation period, a new initial security clearance assessment process will be initiated.

Ceased

A security clearance (or in some circumstances vetting process):

  1. that has been denied or revoked, or
  2. that may have time-based conditions on when a clearance subject or holder can reapply for a security clearance, or
  3. where the clearance subject or holder is ineligible to hold or maintain a security clearance.

Back to top

Personnel security vetting standards

Authorised vetting agencies

The PSPF policy: Eligibility and suitability of personnel mandates that entities use AGSVA to conduct vetting, or where authorised, conduct security vetting in a manner consistent with the personnel security vetting standards.

Security vetting can be conducted by:

  1. AGSVA, which can issue security clearances where the vetting assessment is sponsored by any Australian Government entity. AGSVA can issue security clearances up to and including the Positive Vetting level
  2. an authorised vetting agency that can issue security clearances for its own personnel. An authorised vetting agency could have limitations on the level of security clearances it can issue, for example, some authorised vetting agencies may only issue clearances at the Baseline level.

The personnel security vetting standards use the term 'assessing officer' to denote a person within an authorised vetting agency who conducts vetting assessments. The standards use the term 'security clearance delegate' to denote a person formally authorised to make decisions on the outcome of a vetting process (ie to grant, deny, grant-conditional or cancel a security clearance). See Outcomes of security vetting process.

Issuing clearances

Requirement 3a mandates that vetting agencies only issue a security clearance where the clearance is sponsored by an Australian Government entity or otherwise authorised by the Australian Government. State and territory governments may request that AGSVA conduct security clearances for their personnel up to and including Negative Vetting 2, in accordance with the 2006 Memorandum of Understanding for the Protection of National Security Information. States and territories require an Australian Government entity to sponsor all Positive Vetting security clearances for their personnel.

Locally engaged personnel who are not Australian citizens may be granted a diplomatic mission clearance in accordance with the Prime Minister's Directive on Guidelines for the Management of the Australian Government Presence Overseas. These clearances are only recognised for the mission they are granted, are role-specific and not portable. The Department of Foreign Affairs and Trade is responsible for the security vetting of their locally engaged staff. The Australian Trade Commission is a managing entity under this directive and conducts security screening for its locally engaged staff and for those of attached entities.

Consent to share personal information

Requirement 3b mandates that vetting agencies seek informed consent from the clearance subject to collect, use and disclose their personal information for the purposes of assessing and managing their eligibility and suitability to hold a security clearance. The Attorney-General's Department recommends that vetting agencies consider the guidance provided at Privacy and confidentiality.

Sharing relevant information, even when it is sensitive personal information, will not breach an individual's privacy provided that informed consent is received and the information is used for the purpose for which consent is provided. To be able to meet the PSPF policy: Ongoing assessment of personnel to share information of security concern, it is recommended that vetting agencies obtain informed consent from all clearance subjects to share information with other entities. This includes but is not limited to the sponsoring entity and other vetting agencies. The Attorney-General's Department recommends that consent is obtained at key information collection points, such as application for a security clearance, and that consents are updated at reasonable intervals.

Personnel security adjudicative guidelines

Requirement 3ci mandates that vetting agencies assess an individual's suitability to hold a security clearance by considering their integrity in accordance with the Personnel Security Adjudicative Guidelines (Annex A). For the purposes of security vetting, integrity is defined as the character traits of honesty, trustworthiness, maturity, tolerance, resilience and loyalty.

The Personnel Security Adjudicative Guidelines (at Annex A) provide the common risk factor areas against which a clearance subject's suitability is assessed. These areas may have a bearing on one or more of a clearance subject's character traits. The Attorney-General's Department recommends vetting agencies use a process of structured professional judgement to achieve an overall determination based on the available information.

Back to top

Minimum personnel security checks for a security clearance

Requirement 3cii mandates the minimum checks for a security clearance, these are outlined in Table 4. The effectiveness of these checks relies on complete, consistent and accurate information provided by the clearance subject. The Attorney-General's Department recommends that vetting agencies confirm:

  1. all documents requiring signature and witnessing have been signed and that signatures and dates of signatures match
  2. details provided by the clearance subject match supporting documents
  3. referees are appropriate and their contact details are provided
  4. financial statements (if applicable) are provided and complete.
Table 4 Minimum personnel security checks and requirements for a security clearance

Vetting check

Rationale

Confirmation of identity and verification of identity documents

Requirement 3c(ii) mandates for all clearance levels (Baseline to Positive Vetting, inclusive) that vetting agencies confirm the identity of a clearance subject and verify identification documents. For Australian issued primary identification documents, authorised vetting agencies must verify the person's identification documents with the issuing authority by using the Document Verification Service.

The Attorney-General's Department recommends vetting agencies verify the identity of all clearance subjects in accordance with the National Identity Proofing Guidelines. Security vetting requires assurance of identity as follows:

Security clearance

Baseline Vetting

Negative Vetting 1

Negative Vetting 2

Positive Vetting

Assurance of identity

High assurance to Level 3 of the
National Identity Proofing Guidelines.

Very high assurance to Level 4 of the
National Identity Proofing Guidelines.

Levels of Assurance 3 and 4 constitute the following checks:

  1. uniqueness of the identity in the intended context
  2. the claimed identity is legitimate
  3. the operation of the identity in the community over time
  4. the linkage between the identity and the person claiming the identity
  5. the identity is not known to be used fraudulently
  6. only original physical documents shall be accepted (Level 4).

Confirmation of Australian citizenship and status of any other citizenships

Requirement 3c(ii) mandates for all security clearance levels (Baseline to Positive Vetting, inclusive) that vetting agencies confirm the Australian citizenship of a clearance subject and assess whether they hold any other citizenships.

Only Australian citizens are eligible to apply for an Australian Government security clearance, unless the citizenship eligibility requirement has been waived by the accountable authority of the sponsoring entity, in accordance with Requirement 2d.

Evidence of other citizenships or nationalities may have bearing on one or more of the risk factors, including external loyalties, influences and associations.

Background check

Supporting requirement 3c(ii) mandates for all clearance levels (Baseline to Positive Vetting, inclusive) that vetting agencies assess a clearance subject's background for the relevant checking period as follows:

Security clearance

Baseline Vetting

Negative Vetting 1

Negative Vetting 2

Positive Vetting

Relevant checking period

5 years

10 years

10 years

greater of 10 years or
from the age of 16

The primary reason for examining an individual's background is to assess their integrity. The Attorney-General's Department recommends vetting agencies use a questionnaire to gather initial background check information from clearance subjects.

A vetting agency assesses a clearance subject as having an uncheckable background when the assessing officer cannot complete the required minimum checks and inquiries for the relevant period or the assessing officer does not have sufficient confidence in the quantity, quality, credibility or reliability of the information provided. For example, a background may be assessed as uncheckable because:

  1. background checks cannot be confidently conducted in certain countries of former residence
  2. certain documents do not exist (they never existed or no longer exist) or it is not possible to get copies from the issuing authority
  3. the source of the documents or information about the clearance subject may not be assessed as credible or reliable
  4. there are significant gapsNote i in a clearance subject's background for which insufficient information is available, and/or the risks associated with these gaps are not readily able to be mitigated. Vetting agencies are encouraged to assess the risk associated with uncorroborated gaps, taking into account the relevant checking period and the age of the clearance subject, as well as location(s) and length of period(s) out of Australia.

The primary reason for assessing whether a person has a checkable background is consideration of the security risk to the Australian Government, should that person be granted a security clearance.

If the vetting agency has exhausted all reasonable and available checking avenues and determined that a clearance subject's background is uncheckable, the vetting agency may:

  1. if there are no other concerns and identified risks can be mitigated, provide the sponsoring entity with information about the risks and mitigations relating to the clearance subject's uncheckable background in accordance with Requirement 3c and request an eligibility waiver from the sponsoring entity (see Eligibility for a security clearance)
  2. if there are other concerns or identified risks that cannot be mitigated, advise the sponsoring entity that the clearance cannot be progressed.

Reasonable and available checking avenues in Australia or overseas include, but are not limited to, the following sources:

  1. corroboration from a credible referee
  2. government agencies and bodies
  3. academic institutions
  4. local police records, if available (obtained domestically through liaison with the AFP or internationally through the Department of Foreign Affairs and Trade)
  5. humanitarian and aid agencies that maintain records for displaced persons
  6. places of worship, for birth, death and marriage information in lieu of government records
  7. private companies with whom the clearance subject has been employed
  8. the Department of Home Affairs for records of all Australian entries and exits.

The Attorney-General's Department recommends that vetting agencies document all attempts to satisfy the background checking requirement. This includes alternative measures undertaken, any identified risks and how identified risks were mitigated (if mitigation is possible). This information will inform any review process in the event of an adverse decision or inform the sponsoring entity's risk management in the event that a clearance is granted subject to waiver.

Separately, ASIO considers the background of clearance subjects as part of its security assessment. In some cases, ASIO will conclude an individual has an uncheckable background (eg because reliable security checking cannot be undertaken for the relevant countries) and will communicate this via a security assessment.

Official secrets declaration check

Requirement 3c(ii) mandates for all clearance levels (Baseline to Positive Vetting, inclusive) that vetting agencies obtain acknowledgement from the clearance subject of their responsibilities for the protection of official information.

An official secrets declaration confirms that those accessing Australian Government resources understand their roles and responsibilities in relation to the protection of official information. This includes the consequences of the misuse or disclosure of official information and the application of criminal offences.

Statutory declaration

Requirement 3c(ii) mandates for all clearance levels (Baseline to Positive Vetting, inclusive) that clearance subjects sign a statutory declaration to provide legal verification that the information provided is truthful and complete and documents are accurate and without amendments, issued by the issuing authority and relate to the clearance subject.

The clearance subject may make a statutory declaration in lieu of some supporting documents where:

  1. copies of documents cannot reasonably or readily be obtained from the issuing authority within the required time
  2. a reasonable delay is expected and the clearance subject undertakes to provide the documents as soon as they are received.

The Attorney-General's Department recommends that vetting agencies not accept a statutory declaration for:

  1. primary identification documents issued by an Australian authority
  2. proof of current employment
  3. proof of current residential address
  4. primary identification documents issued by a foreign authority where it is possible to obtain these documents
  5. corroboration of gaps identified in determining a clearance subject's checkable background.

For information about statutory declarations, see the Attorney-General's Department website.

Referee checks

Requirement 3c(ii) mandates for all clearance levels (Baseline to Positive Vetting, inclusive) that vetting agencies obtain referee reports about a clearance subject's suitability to hold a security clearance as follows:

 

Security clearance

Baseline Vetting

Negative Vetting 1

Negative Vetting 2

Positive Vetting

Referee check

At least one professional referee covering a period of at least 3 months.

At least two referees including at least one professional referee covering a period of at least 3 months.

At least one professional and one un-nominated referee, as well as personal referee/s covering a 10 year period.

At least one professional and one un-nominated referee, as well as personal referee/s covering a period of the greater of 10 years or from the age of 16.

Personal and professional referees may be asked to provide on a clearance subject's suitability to hold a security clearance, as well as provide corroborating evidence in relation to other checks, including but not limited to:

  1. current and previous address
  2. current and previous employment
  3. overseas travel
  4. financial status
  5. use of alcohol and drugs.

To competently comment on a clearance subject's character, referees are expected to have known the clearance subject for a minimum of three months.

Close relatives, spouses, de facto partners and purely professional contacts, such as doctors and teachers, may not be able to comment objectively on the clearance subject.

The Attorney-General's Department recommends that vetting agencies contact previous government employers to determine if the person has previously been found to have breached the code of conduct, if there are current investigations into a possible breach of the code of conduct or if there are any integrity issues or identified concerns.

Current and past employers are well placed to confirm if a clearance subject has any security infringements, breaches or violations. A history of security incidents or breaches may indicate a disregard for security and highlight that the clearance subject's commitment to protecting Australian Government resources may be questionable.

Do not conduct telephone or email referee interviews if the referee is overseas in a high-risk location for hostile foreign intelligence activities. Entities may consult ASIO threat assessments for advice in this regard.

There are benefits to conducting at least one face-to-face referee interview. For example, sighting a photograph of the clearance subject may further establish identity, and assurance may be developed, that a referee has provided a full and truthful account of relevant information through non-verbal cues.

Digital footprint check

Requirement 3c(ii) mandates for all clearance levels (Baseline to Positive Vetting, inclusive) that vetting agencies conduct a 'digital footprint' check. A digital footprint check includes conducting an open internet search on a clearance subject, as well as identifying and reviewing their publicly accessible social media.

A digital footprint check is the unique pattern of electronic transactions made by an individual's publicly accessible online presence. An assessment of an individual's digital footprint can provide insight into their life, interactions and personal views. This information may identify behaviours of security concern, or provide further assurance that a clearance subject has provided a full and truthful account of information relevant to the assessment of their integrity.

The Attorney-General's Department recommends that vetting agencies refer to the digital footprint check framework (Annex E) when establishing procedures for conducting these checks.

National police check

Requirement 3c(ii) mandates for all clearance levels (Baseline to Positive Vetting, inclusive) that vetting agencies obtain a national police check for the clearance subject.

A national police check is carried out by the AFP in accordance with the Spent Conviction Scheme. The scheme allows the clearance subject to withhold disclosure of spent convictions unless exclusion has been granted. For information, see the OAIC – Spent Conviction Scheme Fact Sheet.

The application of the Spent Conviction Scheme for relevant clearance levels is as follows:

 

Security clearance

Baseline Vetting

Negative Vetting 1

Negative Vetting 2

Positive Vetting

Application of the Spent Conviction Scheme

A 'No Exclusion' national police check/police records check.

Under a 'No Exclusion' check, clearance subjects are not required to divulge convictions subject to the following conditions:

  1. it has been 10 years from the date of the conviction (or five years for juvenile offenders)
  2. the individual was not sentenced to imprisonment for more than 30 months
  3. the individual has not re-offended during the 10 year (five years for juvenile offenders) waiting period and
  4. a statutory or regulatory exclusion does not apply.

A 'Full Exclusion' national police check/police records check.

Under a 'Full Exclusion' check, clearance subjects are required to detail all convictions, regardless of the date of conviction or nature of offence, as well as any cases currently pending or before the courts.

For information, see the National Police Check pages on the AFP website.

Financial history check

Requirement 3c(ii) mandates for all clearance levels (Baseline to Positive Vetting, inclusive) that vetting agencies conduct a financial history check.

The purpose of this check is to consider whether:

  1. the clearance subject is living beyond their means, for example spending more than they earn or is impulsive and irresponsible with their spending
  2. there is any history of unmanaged debt
  3. the clearance subject has failed to meet financial obligations, including submission of tax returns, payment of rent and debts, bankruptcy and denial of credit.

Where there are concerns about a clearance subject's financial situation, particularly unexplained wealth or a high level of debt, additional checks may be warranted. The Attorney-General's Department recommends that vetting agencies determine appropriate checks on a case-by-case basis.

Where a clearance subject has indicated that they have been bankrupt or insolvent, the Attorney-General's Department recommends that the vetting agency request a bankruptcy check in writing through the Insolvency and Trustee Service Australia.

If a clearance subject has a history of financial defaults, is in a difficult financial situation or if there are concerns about the clearance subject's finances, the vetting agency may seek a credit history check from an accredited financial credit check organisation.

Financial statement

Requirement 3c(ii) mandates for Negative Vetting 1 and above clearance levels that vetting agencies require clearance subjects to complete a financial statement.

A financial statement provides a detailed summary of a clearance subject's assets, income, liabilities and expenditure. It can help identify if a clearance subject is financially overextended.

The Attorney-General's Department recommends that assessing officers undertake specialist training or seek specialist advice before undertaking complex financial analysis.

ASIO security assessment

Requirement 3c(ii) mandates for Negative Vetting 1 and above clearance levels (or lower levels where concerns have been identified) that vetting agencies obtain an ASIO security assessment.

Part IV of the Australian Security Intelligence Organisation Act 1979 (ASIO Act) provides for ASIO to undertake security assessments of people. For the purposes of security clearances, the ASIO security assessment provides a recommendation to the vetting agency on the security suitability of the clearance subject to access any information or place, access to which is controlled or limited on security grounds, and may provide additional advice including advice on conditions that might be placed on a clearance. That recommendation is based on an assessment of the risk to security (as defined in the ASIO Act) that would be associated with granting a clearance to the subject. ASIO takes into account matters such as the subject's activities, associates, attitudes, background and character. The ASIO assessment is based on information provided by the subject, employing entity and vetting agency, ASIO's intelligence holdings, including its assessment of security threats, and where necessary, may involve an ASIO interview of the subject and other inquiries.

Vetting agencies request the ASIO security assessment after all other checks and the clearance interview (if required, see below) are complete. This prevents unnecessary use of ASIO resources where the clearance subject would not otherwise be recommended for a clearance.

The Attorney-General's Department recommends that vetting agencies negotiate with ASIO on a case-by-case basis where operational needs require the ASIO security assessment to be conducted concurrently with other checks.

Security interview

Requirement 3c(ii) mandates that vetting agencies conduct interviews of clearance subjects as follows:

 

Security clearance

Baseline Vetting

Negative Vetting 1

Negative Vetting 2

Positive Vetting

Interviews of clearance subjects

Interview not required unless:

  1. the citizenship or background check requirements have been waived
  2. there are particular suitability concerns about a clearance subject.

Face-to-face (or telephone in exceptional circumstances) interview addressing:

  1. external loyalties, influences and associations
  2. personal relationships and conduct
  3. financial considerations
  4. alcohol and drug use
  5. criminal history and conduct
  6. security attitudes and violations
  7. emotional and mental health issues.

The Attorney-General's Department recommends that face-to-face (wherever possible) or telephone interviews address all factor areas in the Personnel Security Adjudicative Guidelines, and any specific areas of concern.

The Attorney-General's Department recommends that supplementary interviews be conducted for all clearance levels where specific areas of concern arising from internal and external checking have not been adequately resolved by other supplementary checks. It is recommended that supplementary interviews address the specific areas of concern. If any further concerns are identified at the interview, it is recommended that supplementary interviews be conducted face-to-face wherever possible for significant or complex issues. However, a telephone interview may be conducted to resolve minor issues or where a face-to-face interview is not possible (eg the clearance subject is travelling overseas).

Telephone interviews are not to be conducted if the individual seeking a clearance is overseas in a high-risk location for hostile foreign intelligence activities. Entities can consult ASIO threat assessments for advice in this regard.

Psychological assessment

Requirement 3c(ii) mandates that vetting agencies obtain a psychological assessment for Positive Vetting clearance subjects. A typical psychological assessment consists of two parts: psychometric testing and a psychological interview. Psychological assessments identify any psychological risks associated with the subject as an input to determine general suitability and may point to any potential security risks.

Psychological assessments are undertaken by appropriately qualified psychologists and are mostly used to establish a clearance subject's suitability for a Positive Vetting clearance.

Table 4 notes:

iA significant gap is considered to be greater than 12 months (cumulative) out of Australia within the background checking period.


Back to top

Vetting agencies may conduct additional vetting checks where they have access to additional capabilities, such as criminal intelligence checks, or where the check is relevant to addressing any concerns identified or not able to be resolved through the minimum personnel security checks. Table 5 provides two examples of additional vetting checks that may be undertaken for security clearances.

While not mandated for Baseline, Negative Vetting 1 and Negative Vetting 2 clearances, the Attorney-General's Department recommends that vetting agencies seek advice from a duly qualified mental health practitioner where the vetting agency identifies a mental health condition that may affect the clearance subject's ability to protect Australian Government resources:

Table 5 Example additional checks for security clearances

Vetting check

Rationale

Criminal intelligence check

The Attorney-General's Department recommends that vetting agencies with available criminal intelligence capabilities conduct a criminal intelligence check.

A criminal intelligence check involves the use of non-conviction-related information to identify whether an individual has links to criminality, including involvement in or association with those involved in serious and organised crime. A criminal intelligence check includes consideration of pre-prosecution information, criminal intelligence and criminal affiliations.

Information indicating an individual is involved in, or associates with those involved in serious and organised crime may indicate a lack of judgement or discretion, or susceptibility to undue influence, coercion, exploitation or duress. Such information raises questions about the individual's suitability to hold a security clearance.

Mental health check

The Attorney-General's Department recommends mental health assessments only occur where the vetting agency identifies issues related to the clearance subject's ability to protect Australian Government resources.

Having a mental health condition does not necessarily mean that a clearance subject would not be able to protect Australian Government resources. The Attorney-General's Department recommends that where the vetting agency is concerned that the clearance subject's emotional stability or psychological health may affect their ability to protect Australian Government resources, the vetting agency obtain advice from a duly qualified mental health practitioner.

If the clearance subject is, or has been, under treatment for an emotional or mental health condition, information may be requested from the treating mental health professional with the specific consent of the clearance subject. It may be necessary for a vetting agency to seek independent medical advice from a mental health professional if the clearance subject does not have their own practitioner or if the concern is unrelated to current or previous treatment.

Back to top

Outcomes of security vetting process

The outcome of a security vetting process is a determination of the clearance subject's suitability to hold a security clearance based on an assessment:

  1. against the Personnel Security Adjudicative Guidelines (Annex A)
  2. taking into account all relevant, reliable and independently verified information obtained through the minimum personnel security checks, and any additional checks required
  3. resolving any doubt in the national interest, in accordance with Requirement 3c(iii).

The Attorney-General's Department recommends that an assessing officer conduct the assessment and provide a security clearance delegate with a recommended outcome (see Table 6). Information to support the assessment includes:

  1. any gaps in the checkable period where supporting documents were not available, how these gaps were mitigated and if supplementary checks were undertaken to this effect
  2. any anomalies or issues identified, how these anomalies and issues were mitigated and if supplementary checks were undertaken
  3. any eligibility waivers provided by the sponsoring entity.

In determining the security clearance outcome based on the recommendation from the assessing officer, the delegate:

  1. satisfies themselves that all issues raised in the clearance process have been addressed
  2. provides the clearance subject with the opportunity to respond to any adverse information, if appropriate.
Table 6 Determinative outcomes of the security vetting process

Outcome

Description

Denied

The clearance subject is not suitable to hold an Australian Government security clearance at the requested level.

Granted

The clearance subject is eligible and suitable to hold an Australian Government security clearance.

Granted–conditional

The clearance subject is eligible and suitable to hold an Australian Government security clearance if they comply with conditions and/or specific clearance maintenance requirements.

 

The Attorney-General's Department recommends that vetting agencies use consistent language to describe the outcomes of security vetting processes in personal security files. Table 7 provides labels and descriptions for possible administrative outcomes of the security vetting process. These apply where no vetting assessment or determination has been made.

Table 7 Administrative outcomes of the security vetting process

Outcome

Description

Ineligible

The clearance subject is not eligible for an Australian Government security clearance as they:

  1. do not hold Australian citizenship
  2. do not have a checkable background.

Cancelled

The security clearance could not be completed by the vetting agency because:

  1. sponsorship of the clearance was removed at the request of the sponsoring entity
  2. sponsorship or clearance requirement could not be confirmed
  3. the clearance subject was non-compliant.

Back to top

The Attorney-General's Department recommends that the vetting agency provides a summary of information when notifying the clearance subject and sponsoring entity of the security clearance outcome. This includes:

  1. the level of clearance the subject is being assessed against
  2. the date of the determination of ineligible, granted, granted–conditional, denied or cancelled
  3. any eligibility (background or citizenship) waiver granted in the clearance process and any conditions placed by virtue of the waiver
  4. any specific clearance maintenance requirements imposed as part of a granted–conditional clearance
  5. the date for revalidation
  6. details of the review and appeals processes open to the clearance subject if applicable.

In addition, Requirements 3e and 3f mandate that vetting agencies provide relevant information of security concern obtained during the security vetting process to the sponsoring entity.

Requirement 3g mandates that vetting agencies apply the rules of procedural fairness, without compromising the national interest, when making security clearance assessments and determining a security clearance outcome. See section Procedural fairness for further information.

Conditional security clearances

Requirement 3c mandates that if information of security concern is identified during the vetting process that is not sufficient to deny a clearance and the related risks can be managed through conditions attached to the security clearance, the vetting agency is to provide the sponsoring entity with information to inform a risk assessment before issuing the security clearance. Any specific clearance maintenance requirements associated with the conditional security clearance need to be agreed by the sponsoring entity's accountable authority and the clearance subject.

Specific clearance maintenance requirements allow the sponsoring entity to manage ongoing risks affecting the clearance subject's suitability to hold a security clearance. This may include access restrictions or other risk mitigation measures. Monitoring a clearance subject's compliance with security clearance conditions is a supporting requirement of the PSPF policy: Ongoing assessment of personnel. Non-compliance with conditions may trigger a review for cause.

Sharing other relevant information of security concern

Requirement 3f mandates that vetting agencies advise the sponsoring entity of any other relevant information of security concern identified during the vetting process when advising the sponsoring entity of the security clearance outcome. This may include (but is not limited to) information relating to any vulnerabilities or risk factors and risk mitigation measures that were applied by the vetting agency. The sponsoring entity can then understand and manage any risks relating to the clearance holder's ongoing access to Australian Government resources. For information, see the PSPF policy: Ongoing assessment of personnel.

Back to top

Procedural fairness

Requirement 3c mandates that vetting agencies apply procedural fairness to security clearance determinations that are adverse to a clearance subject, without compromising the national interest or betraying the confidentiality of the source. When the principles of procedural fairness are applied in a security clearance process, it reduces the possibility of the process being compromised and a new clearance process being ordered on review or appeal.

If the assessing officer intends to recommend against the approval of a clearance at the level sought, or to recommend that the clearance be approved with specific clearance maintenance requirements, the Attorney-General's Department recommends that the clearance subject be provided an opportunity to respond before the final recommendation is made. It is recommended that any information used to make a decision be substantiated, particularly when the information is from a referee who may be biased or have a conflict of interest.

The Attorney-General's Department recommends that vetting agencies provide the clearance subject with a written statement identifying any concerns. It is recommended that vetting agencies give the clearance subject a reasonable period (normally two weeks from the date of advice) to respond to the concerns before a final recommendation is made. It is recommended that the clearance subject's response be provided to the delegate so they may make an informed decision based on all the material available.

The Attorney-General's Department recommends that vetting agencies consider whether an outsourced vetting service provider is able to manage procedural fairness issues involving outsourced vetting services.

For details, refer to Annex C – What is procedural fairness? and Annex D – Review of decisions.

Competencies of vetting personnel

Supporting requirement 3c mandates that authorised vetting agencies ensure vetting personnel (ie assessing officers and security clearance delegates) have and maintain the required skills and competencies for their role.

The Attorney-General's Department recommends that vetting personnel be able to demonstrate competencies and skills that include:

  1. knowledge of and the ability to conduct personnel security assessments
  2. understanding of the security vetting process and the PSPF
  3. knowledge of the security environment and ability to use ASIO intelligence
  4. knowledge of and the ability to apply relevant public sector legislation, including espionage offences and the Privacy Act 1988
  5. knowledge of and the ability to apply the principles of natural justice and procedural fairness
  6. general skills and competencies, including:
    1. handling official information
    2. workplace communications
    3. relevant interviewing skills
    4. data analysis
    5. administration, including records management.

The Attorney-General's Department notes that the above competencies and skills can be attained through formal qualifications, such as the Certificate IV or Diploma in Government Security, or equivalent qualifications. Where vetting agencies determine that a formal qualification is required for vetting personnel in the agency, the Attorney-General's Department recommends that qualifications be obtained from a registered training organisation. A list of registered training organisations is available at www.training.gov.au.

Back to top

Find out more

Further information on employment and entity specific screening can be found in the Australian Standards publications:

  1. AS4811-2006: Employment Screening
  2. HB 323-2007: Employment Screening Handbook
  3. AS 8001-2008: Fraud and Corruption Control.

Back to top

Annexes

Annex A. Personnel security adjudicative guidelines

Purpose

The Personnel Security Adjudicative Guidelines support vetting agencies in their assessment of a person's suitability to hold a security clearance, by assessing the individual against common risk factor areas. The guidelines apply to assessments of initial and ongoing suitability to access Australian Government resources.

Suitability to hold a security clearance

A clearance subject is suitable to hold a security clearance at any level where it is established, to the appropriate degree of satisfaction, that the clearance subject possesses and demonstrates an appropriate level of integrity (soundness of character and moral principle). In the security context, integrity is defined as a range of character traits that a clearance subject possesses (and demonstrates) in order for the government to have confidence in their ability to protect Australian Government resources. These character traits are:

  1. honesty – truthful and frank and does not have a history of unlawful behaviour
  2. trustworthiness – responsibility, reliability and maturity
  3. maturity – capable of honest self-appraisal and able to cope with stress; age is not necessarily a good indicator of maturity
  4. tolerance – an appreciation of the broader perspective even when holding strong personal views, able to remain impartial and flexible (an ability to accept other peoples' life choices and respect cultures can indicate tolerance) and accept differences in people, opinions or situations through respect, understanding and empathy
  5. resilience – ability to adapt well in the face of adversity, trauma, tragedy, threats or significant sources of stress
  6. loyalty – a commitment to Australia and the democratic processes of the Australian Government. Loyalty is not confined to the nation but also includes the objectives, ethos and values of the working environment (strong political views incompatible with the Australian democratic system of government may put a person's loyalty in doubt).

Reference to a number of risk factor areas of the clearance subject's life, including personal relationships, employment history, behaviour and financial habits, contributes to an assessment of a clearance subject's integrity.

The assessment of a clearance subject needs to establish confidence that they possess a sound and stable character and that they are not unduly vulnerable to influence or coercion.

Each clearance subject is assessed on their own merits, and the final determination of their suitability rests with the authorised vetting agency delegate. Any doubt concerning the clearance subject's suitability must be resolved in favour of the national interest (see Requirement 3c).

Determining suitability

The determination of whether an individual is suitable to hold a security clearance, consistent with the national interest, is based on careful consideration of the whole person in the context of the following risk factor areas:

  1. external loyalties, influences and associations
  2. personal relationships and conduct
  3. financial considerations
  4. alcohol and drug usage
  5. criminal history and conduct
  6. security attitudes and violations
  7. mental health disorders.

These factor areas may have a bearing on one or more of a clearance subject's character traits.

The Attorney-General's Department recommends vetting agencies use a process of structured professional judgement to come to an overall determination based on the available information.

Back to top

Adverse information

Although adverse information concerning a single criterion may not be sufficient for an unfavourable determination, the clearance subject may be found unsuitable to hold the requested level of security clearance if available information reflects a current or recurring pattern of:

  1. questionable judgement
  2. dishonesty
  3. intolerance/inflexibility
  4. immaturity
  5. untrustworthiness
  6. irresponsibility
  7. vulnerability to influence or coercion
  8. emotionally unstable behaviour.

Reliable and significant adverse information may lead the security clearance delegate to deny or revoke the security clearance.

The Attorney-General's Department recommends that in evaluating the relevance of any conduct, the assessing officer and security clearance delegate consider the:

  1. nature, extent and seriousness of the conduct
  2. circumstances surrounding the conduct, including the degree of willing or knowledgeable participation
  3. frequency and currency of the conduct
  4. clearance subject's age and maturity at the time of the conduct
  5. presence or absence of rehabilitation and other pertinent behavioural changes
  6. motivation for the conduct
  7. potential for pressure, coercion, exploitation or duress
  8. likelihood of continuation or recurrence.

Vetting agencies must share relevant information of security concern about security clearance holders with sponsoring entities (see Requirements 3e and 3f of the PSPF policy: Eligibility and suitability and Requirement 1bii of the PSPF policy: Ongoing assessment of personnel). Adverse information about a clearance subject may not be sufficient for an unfavourable determination but may be relevant to a sponsoring entity's assessment of personnel security risk.

For security cleared personnel, sponsoring entities are responsible for assessing how information relates to the entity's security risk and a person's suitability for employment by the entity. This is particularly relevant where there are entity -specific employment requirements, such as a zero-tolerance drug and alcohol policy. Authorised vetting agencies are responsible for assessing how information relates to an individual's suitability to hold a clearance. The PSPF policy: Ongoing assessment of personnel core requirement mandates that entities share all information of security concern. The assessment of whether information is of security concern can only be made by the entity assessing that concern. Therefore, all information pertaining to personnel is shared between sponsoring entities and vetting agencies so that they can determine whether it is relevant.

The Attorney-General's Department recommends vetting agencies have effective procedures to document and share adverse information with sponsoring entities. This includes procedures to identify mitigation activities that sponsoring entities could undertake to manage risks in relation to the clearance subject's ongoing suitability.

Back to top

Concerns about existing clearance holders

When information of security concern becomes known about a clearance subject who currently has access to Australian Government resources, and before determining whether to revoke or downgrade an existing clearance, the assessing officer and the delegate considers whether the person:

  1. voluntarily reported the information
  2. responded to questions truthfully and completely
  3. sought assistance and followed professional guidance, where appropriate
  4. resolved or appears likely to favourably resolve the security concern
  5. has demonstrated positive changes in behaviour and employment.

If after evaluating material of security concern the delegate decides that the material is not serious enough to warrant a determination to revoke or downgrade the security clearance, the Attorney-General's Department recommends the vetting agency notify the clearance subject and their sponsoring entity that future incidents of a similar nature may result in revocation of the security clearance. This information is recorded in the clearance subject's personal security file.

Risk factor areas

There are seven risk factor areas:

  1. external loyalties, influences and associations
  2. personal relationships and conduct
  3. financial considerations
  4. alcohol and drug use
  5. criminal history and conduct
  6. security violations
  7. emotional and mental health issues.

External loyalties, influences and associations

Concerns

All people working on behalf of Australian Government must have a primary and overriding commitment to the democratic process and a respect for the processes by which the elected government functions. If a clearance subject expresses political or personal views incompatible with Australia's constitutional, democratic system of government, doubts arise about whether they are loyal to the Australian Government. Conflict of views or conscientious objections could arise in some cases. However, the issue is whether a clearance subject recognises their responsibilities to their employing entity, the elected government and the public interest.

When a clearance subject acts in ways that indicate a preference for a foreign country over Australia, then they may be prone to act in ways that are harmful to the national interest of Australia.

Involvement in certain types of outside employment or activities is of security concern if it poses a conflict with a clearance subject's security responsibilities and could create an increased risk of unauthorised disclosure of security classified information.

A security risk may exist when a clearance subject or their immediate family (including cohabitants and other persons to whom they may be bound by affection, influence or obligation) are not Australian citizens or may be subject to duress. These situations could potentially introduce foreign influence that could result in the compromise of security classified information. Contacts with citizens of other countries or financial interests in other countries are relevant to security determinations if they make the clearance subject potentially vulnerable to coercion, exploitation or pressure.

Conditions that could raise a security concern and may be disqualifying

Conditions that could raise a security concern and may be disqualifying include:

  1. Involvement in, support of, training to commit or advocacy of any act of:
    1. espionage
    2. foreign interference
    3. sabotage
    4. urging violence
    5. terrorism
    6. treason
    7. politically motivated violence
    8. communal violence
    9. attacks on Australia's defence system
    10. serious threats to Australia's territorial or border integrity.
  2. Association or sympathy with persons who are attempting to commit, or who are committing, any of these above acts.
  3. Association or sympathy with persons or organisations that advocate, threaten, or use force or violence, or use any other illegal or unconstitutional means, in an effort to:
    1. overthrow or influence the Australian Government or any state or local government
    2. prevent federal, state or local government personnel from performing official duties
    3. gain retribution for perceived wrongs caused by the federal, state, or local government
    4. prevent others from exercising their rights under the Constitution or laws of Australia or of any state or territory.
  4. Contact with a family member, business or professional associate, friend or other person who is a citizen of, or resident in, a foreign country, where that contact creates an unacceptably heightened risk of foreign exploitation, inducement, manipulation, pressure or coercion.
  5. Connections to a foreign person, group, government or country that creates potential conflict of interest between the clearance subject's obligation to protect Australian Government resources and their desire to help a foreign person, group or country by providing that information.
  6. Sharing living quarters with a person or persons, regardless of citizenship status, if that relationship creates a heightened risk of foreign or criminal inducement, manipulation, pressure or coercion.
  7. A substantial business, financial or property interest in a foreign country, or in any foreign-owned or foreign-operated business that could put the clearance subject at heightened risk of foreign influence or exploitation.
  8. Failure to report, when required, an association with a foreign national.
  9. Unauthorised association with a suspected or known agent, associate or employee of a foreign intelligence service.
  10. Indications that representatives or nationals from a foreign country are acting to increase the vulnerability of the clearance subject to possible future exploitation, inducement, manipulation, pressure or coercion.
  11. Conduct, especially while travelling outside Australia, which may make the clearance subject vulnerable to exploitation, pressure or coercion by a foreign person, group or government.
  12. Exercise of any right, privilege or obligation of foreign citizenship after becoming an Australian citizen. This includes but is not limited to:
    1. possession of a current foreign passport
    2. military service or a willingness to bear arms for a foreign country
    3. accepting educational, medical, retirement, social welfare or other such benefits from a foreign country
    4. residence in a foreign country to meet citizenship requirements
    5. using foreign citizenship to protect financial or business interests in another country
    6. seeking or holding political office in a foreign country
    7. voting in a foreign election.
  13. Action to acquire or obtain recognition of a foreign citizenship by an Australian citizen.
  14. Performing or attempting to perform duties or act to serve the interests of a foreign person, group, organisation or government in conflict with Australia's national interest.
  15. Any statement or action that shows allegiance to a country other than Australia, for example, declaration of intent to renounce Australian citizenship or the renunciation of Australian citizenship.
  16. Any employment or service, whether compensated or voluntary, with:
    1. the government of a foreign country
    2. any foreign national, organisation or other entity
    3. a representative of any foreign interest
    4. any foreign, domestic, or international organisation, including media or a person engaged in analysis, discussion or publication of material on intelligence, defence, foreign affairs, protected technology or protective security
    5. failure to report or fully disclose an outside activity when this is required.
  17. Ongoing voluntary association with individuals or groups of an extremist nature, for example, those who espouse beliefs incompatible with a liberal democracy.
Conditions that could mitigate security concerns

Conditions that could mitigate security concerns include:

  1. The clearance subject was unaware of the unlawful aims of an individual or organisation and severed ties upon learning of these.
  2. The clearance subject's involvement was only with the lawful or humanitarian aspects of an organisation.
  3. Involvement in activities of concern occurred for only a short period of time and was attributable to curiosity or academic interest.
  4. The involvement or association with the activities of concern occurred under such unusual circumstances, or so much time has elapsed, that it is unlikely to recur and does not cast doubt on the clearance subject's current reliability, trustworthiness or loyalty.
  5. The nature of the relationships with foreign persons, the country in which these persons are located or the positions or activities of those persons in that country are such that it is unlikely the clearance subject will be placed in a position of having to choose between the interests of a foreign individual, group, organisation or government and Australia's national interest.
  6. There is no conflict of interest, either because the clearance subject's sense of loyalty or obligation to the foreign person, group, government or country is so minimal, or the clearance subject has such deep and longstanding relationships and loyalties in Australia that they can be expected to resolve any conflict of interest in favour of Australia's national interest.
  7. Contact or communication with foreign citizens is casual and infrequent and there is little likelihood that it could create a risk for foreign influence or exploitation.
  8. The foreign contacts and activities are on Australian Government business or are approved by the Chief Security Officer or delegate.
  9. The clearance subject has promptly complied with requirements to report contacts, requests or threats from people, groups or organisations from a foreign country.
  10. The value or routine nature of the foreign business, financial or property interests is such that they are unlikely to result in a conflict and could not be used to influence, manipulate or pressure the clearance subject.
  11. Where reasons for possession or acquisition of multiple citizenship are not a security concern, including:
    1. multiple citizenship when based solely on a parent's citizenship or birth in a foreign country
    2. marriage
    3. convenience of travel.
  12. The clearance subject has expressed a willingness to renounce other citizenships.
  13. Exercise of the rights, privileges or obligations of foreign citizenship occurred before the clearance subject became an Australian citizen or when the clearance subject was a minor.
  14. The use of a foreign passport is approved by the Chief Security Officer or delegate.
  15. The foreign passport has been destroyed, surrendered or invalidated.
  16. The vote in a foreign election was encouraged by the Australian Government.

Back to top

Personal relationships and conduct

Concerns

Conduct involving questionable judgement, dishonesty or unwillingness to comply with rules and regulations can raise questions about the clearance subject's reliability, trustworthiness and ability to protect Australian Government resources.

Of special interest is any failure to provide truthful and candid answers during the security clearance process or a failure to cooperate with the security clearance process. Either of the following will normally result in denial or revocation of a security clearance, or administrative termination of further processing for a security clearance assessment:

  1. refusal or failure without reasonable cause to undergo or cooperate with the security clearance process, including meeting with an assessing officer for a security interview, completing security and consent forms and cooperation with supplementary evaluations and periodic reviews
  2. refusal to provide full, frank and truthful answers to relevant questions of assessing officers, or other official representatives in connection with a personnel security determination.

Sexual behaviour that involves a criminal offence indicates a personality or emotional disorder and reflects a gross lack of judgement and discretion. This may put the clearance subject in a position of undue influence or coercion, exploitation or duress that can raise questions about the clearance subject's reliability, trustworthiness and maturity. Sexual orientation is not relevant to these considerations.

Conditions that could raise a security concern and may be disqualifying

Conditions that could raise a security concern and may be disqualifying include:

  1. Deliberate omission, concealment or falsification of relevant facts from a personnel security questionnaire, personal history statement or similar form used to determine security clearance suitability, or providing misleading information to assessing officers or other officers involved in the clearance process.
  2. Credible adverse information in several adjudicative issue areas that is not sufficient for an adverse determination under any other single guideline, but when considered in total, supports a whole-of-person assessment of questionable judgement, untrustworthiness, unreliability, lack of candour, unwillingness to comply with rules and regulations or other characteristics indicating that the person may not properly safeguard official information.
  3. Credible adverse information that is not explicitly covered under any other guideline and may not be sufficient by itself for an adverse determination, but, when combined with all available information, supports a whole-of-person assessment of questionable loyalty, trustworthiness, honesty, maturity, tolerance or vulnerability to coercion or influence. This includes consideration of:
    1. untrustworthy or unreliable behaviour including breaches of client confidentiality, release of proprietary information, unauthorised release of sensitive corporate or other official government information
    2. disruptive, violent or inappropriate behaviour in the workplace
    3. a pattern of dishonesty or rule violations
    4. evidence of significant misuse of government or other employer's time or resources.
  4. Sexual behaviour of a criminal nature, whether or not the clearance subject has been prosecuted.
  5. A pattern of compulsive, self-destructive or high-risk sexual behaviour that the person is unable to stop or that may be symptomatic of a personality disorder.
  6. Sexual behaviour that causes the clearance subject to be vulnerable to coercion, exploitation or duress.
  7. Personal conduct, or concealment of information about conduct, that creates a vulnerability to exploitation, manipulation or duress, such as:
    1. engaging in activities which, if known, may affect the person's personal, professional or community standing
    2. while in another country, engaging in any activity that is illegal in that country or that is legal in that country but illegal in Australia and may serve as a basis for exploitation or pressure by the foreign security or intelligence service or other group.
  8. Violation of a written or recorded commitment made by the clearance subject to the employer as a condition of employment.
  9. Association with persons involved in criminal activity.
Conditions that could mitigate security concerns

Conditions that could mitigate security concerns include:

  1. The behaviour occurred prior to or during adolescence and there is no evidence of subsequent conduct of a similar nature.
  2. The behaviour no longer serves as a basis for coercion, exploitation or influence.
  3. The clearance subject made prompt, good faith efforts to correct the omission, concealment or falsification before being confronted with the facts.
  4. The refusal or failure to cooperate, omission or concealment was caused by or associated with improper or inadequate advice of government officers or legal counsel. Upon being made aware of the requirement to cooperate or provide the information, the clearance subject cooperated fully and truthfully.
  5. The behaviour or offence is so minor, or so much time has passed, or the behaviour is so infrequent, or it happened under such unique circumstances that it is unlikely to recur and does not cast doubt on the clearance subject's current reliability, trustworthiness or good judgement.
  6. The clearance subject has acknowledged the behaviour and obtained counselling to change the behaviour or has taken other positive steps to alleviate the stressors, circumstances, or factors that caused untrustworthy, unreliable or other inappropriate behaviour. There is evidence that this treatment has been effective and such behaviour is unlikely to recur.
  7. The clearance subject has taken positive steps to reduce or eliminate vulnerability to exploitation, manipulation or duress.
  8. The information was unsubstantiated or from a source of questionable reliability.
  9. Association with persons involved in criminal activity has ceased or occurs under circumstances that do not cast doubt upon the clearance subject's reliability, trustworthiness, judgement or willingness to comply with rules and regulations.

Back to top

Financial considerations

Concerns

Failure or inability to live within one's means, satisfy debts or meet financial obligations may indicate poor self-control, lack of judgement or unwillingness to abide by rules and regulations. This may raise questions about a clearance subject's honesty, trustworthiness, maturity and vulnerability to coercion or influence.

A clearance subject who is financially overextended may be at a heightened risk of engaging in illegal acts including espionage to generate funds. This risk is further heightened if the financial difficulties have arisen from compulsive behaviour, for example gambling.

Unwillingness to pay debts where means are available may indicate untrustworthiness or lack of conscience regarding obligations.

Affluence that cannot be explained by known sources of income is a concern as it may indicate proceeds from financially profitable criminal acts.

Conditions that could raise a security concern and may be disqualifying

Conditions that could raise a security concern and may be disqualifying include:

  1. Inability or unwillingness to satisfy debts.
  2. Indebtedness caused by frivolous or irresponsible spending and the absence of any evidence of willingness or intent to pay the debt or establish a realistic plan to pay the debt.
  3. A history of not meeting financial obligations.
  4. Deceptive or illegal financial practices such as embezzlement, theft, fraud, tax evasion or other intentional breaches of trust.
  5. Consistent spending beyond one's means, which may be indicated by excessive indebtedness, significant negative cash flow, high debt-to-income ratio or other financial analysis.
  6. Financial problems that are linked to drug abuse, alcoholism, gambling addiction or other matters indicating compulsive behaviour or emotional or psychological instability that may have implications for the clearance subject's maturity, trustworthiness and vulnerability to coercion or influence (refer to factor areas alcohol and drug usage, and emotional and mental health issues).
  7. Repeated failure to meet Australian taxation requirements.
  8. Unexplained affluence, as shown by a lifestyle or standard of living, increase in net worth, or money transfers that cannot be explained by the subject's known legal sources of income.
  9. Compulsive or addictive gambling as indicated by an unsuccessful attempt to stop gambling, 'chasing losses' (ie increasing the bets or returning another day in an effort to get even), concealment of gambling losses, borrowing money to fund gambling or pay gambling debts, family conflict or other problems caused by gambling.
Conditions that could mitigate security concerns

Conditions that could mitigate security concerns include:

  1. The behaviour happened so long ago, was so infrequent, or occurred under such circumstances that it is unlikely to recur and does not cast doubt on the clearance subject's current reliability, trustworthiness or good judgement.
  2. The conditions that resulted in the financial problem were largely beyond the person's control (eg loss of employment, a business downturn, unexpected medical emergency or a death, divorce or separation) and the clearance subject acted responsibly.
  3. The person has received or is receiving counselling for the problem or there are clear indications that the problem is being resolved or is under control.
  4. The clearance subject initiated good faith efforts to repay overdue creditors or otherwise resolve debts.
  5. The clearance subject has a reasonable basis to dispute the legitimacy of the debt and provides evidence of actions to resolve the issue.
  6. The affluence resulted from a legal source of income.

Back to top

Alcohol and drug use

Concerns

Excessive alcohol consumption often leads to questionable judgement or the failure to control impulses and can raise questions about a clearance subject's reliability, trustworthiness and ability to maintain discretion.

Drugs are mood and behaviour altering substances. They include drugs, materials and other chemical compounds identified and listed in Schedule 4 of the Customs (Prohibited Imports) Regulations 1956 and inhalants and other similar substances.

Drug abuse is the use of an illegal drug, or use of a legal drug in a manner that deviates from approved medical direction.

Use of illegal drugs or misuse of prescription drugs can raise questions about a clearance subject's trustworthiness and honesty because it may impair judgement and a person's ability or willingness to comply with laws, rules and regulations is questioned. Use of illegal drugs or misuse of prescription drugs may make the clearance subject vulnerable to coercion or influence.

Conditions that could raise a security concern and may be disqualifying

Conditions that could raise a security concern and may be disqualifying include:

  1. Alcohol-related incidents away from work, such as driving while under the influence, fighting, child or spouse abuse, disturbing the peace or other incidents of concern, regardless of whether the clearance subject has been diagnosed as an alcohol abuser or is alcohol dependent.
  2. Alcohol-related incidents at work, such as reporting for duty in an intoxicated or impaired condition, or excessive drinking while at work.
  3. Habitual or binge consumption of alcohol to the point of impaired judgement.
  4. Diagnosis by a duly qualified medical professional (eg physician, clinical psychologist, or psychiatrist) of alcohol or drug abuse or dependence.
  5. Identification of alcohol or drug abuse or dependence by an accredited clinical social worker who is a staff member of a recognised alcohol or drug treatment program.
  6. Relapse after diagnosis of alcohol or drug abuse or dependence and completion of an alcohol or drug rehabilitation program.
  7. Criminal charges relating to alcohol or drug abuse or possession.
  8. Failure to follow court orders regarding alcohol or drug education, evaluation, treatment or abstinence.
  9. Any drug abuse.
  10. Testing positive for illegal drug use.
  11. Illegal drug possession, including cultivation, processing, manufacture, purchase, sale or distribution or possession of drug paraphernalia.
  12. Expressed intent to continue illegal drug use, or failure to clearly and convincingly commit to discontinue drug use.
Conditions that could mitigate security concerns

Conditions that could mitigate security concerns include:

  1. So much time has passed, or the behaviour was so infrequent, or it happened under such unusual circumstances that it is unlikely to recur or does not cast doubt on the clearance subject's current reliability, trustworthiness or good judgement.
  2. The clearance subject is participating in an alcohol counselling or treatment program, has no history of previous treatment and relapse and is making satisfactory progress:
    1. The clearance subject has acknowledged their alcohol dependence or abuse and has successfully completed inpatient or outpatient alcohol counselling or rehabilitation along with any required aftercare.
    2. The clearance subject has demonstrated a clear and established pattern of modified consumption or abstinence in accordance with treatment recommendations and adherence to a program, such as Alcoholics Anonymous or a similar organisation.
    3. The clearance subject has received a favourable prognosis by a duly qualified medical professional or an accredited clinical social worker who is a staff member of a recognised alcohol treatment program.
  3. A demonstrated intent not to abuse any drugs in the future, such as:
    1. disassociation from drug using associates and contacts
    2. changing or avoiding the environment where drugs were used
    3. an appropriate period of abstinence
    4. a signed statement of intent with automatic review for cause of clearance for any violation.
  4. Abuse of prescription drugs was after a severe or prolonged illness during which these drugs were prescribed and the abuse has since ended.
  5. Satisfactory completion of a prescribed drug treatment program, including but not limited to, rehabilitation and aftercare requirements, without recurrence of abuse, and a favourable prognosis by a duly qualified medical professional or an accredited clinical social worker who is a staff member of a recognised drug treatment program.

Back to top

Criminal history and conduct

Concerns

Criminal activity creates doubt about a person's judgement, reliability, trustworthiness, maturity and honesty. It calls into question a person's ability or willingness to comply with laws, rules and regulations.

Conditions that could raise a security concern and may be disqualifying

Conditions that could raise a security concern and may be disqualifying include:

  1. A criminal offence, or multiple lesser offences, or a conviction in an Australian or foreign court, including a military court-martial, for a crime.
  2. Discharge or dismissal from the Australian Defence Force or police force under adverse conditions.
  3. Credible allegation or admission of criminal conduct, regardless of whether the person was formally charged, formally prosecuted or convicted.
  4. The clearance subject is currently on parole or probation.
  5. Violation of parole or probation, or failure to complete a court-mandated rehabilitation program.
  6. Voluntary association with criminals.
Conditions that could mitigate security concerns

Conditions that could mitigate security concerns include:

  1. So much time has elapsed since the criminal behaviour happened, or it happened under such unusual circumstances that it is unlikely to recur and does not cast doubt on the clearance subject's reliability, honesty, trustworthiness or good judgement.
  2. The person was pressured or coerced into committing the act and those pressures are no longer present in the person's life.
  3. Persuasive evidence that the person did not commit the offence or the conviction for the offence was subsequently overturned.
  4. There is evidence of successful rehabilitation, including the passage of time without recurrence of criminal activity, evidence of remorse or restitution, job training or higher education, good employment record or constructive community involvement.

Back to top

Security violations

Concerns

Deliberate or negligent failure to comply with procedures, rules and regulations for protecting sensitive or security classified information, including on ICT systems, raises doubt about a clearance subject's trustworthiness, judgement, reliability or willingness and ability to safeguard such information, and is a serious security concern.

ICT systems include computer hardware, software, firmware and data used for the communication, transmission, processing, manipulation, storage or protection of security classified information.

Conditions that could raise a security concern and may be disqualifying

Conditions that could raise a security concern and may be disqualifying include:

  1. The unauthorised:
    1. viewing
    2. disclosing
    3. collecting
    4. storing
    5. handling
    6. destroying
    7. manipulating
    8. modifying

    of sensitive or security classified information.

  2. Deliberate disregard of entity procedures or guidelines for the handling, use and storage of sensitive or security classified information.
  3. Copying sensitive or security classified information in a manner designed to conceal or remove classification or other document control markings.
  4. Viewing or downloading information from a secure system beyond the clearance subject's need to know.
  5. Any failure to comply with rules for the protection of sensitive or security classified information.
  6. Negligence or lax security habits that persist despite counselling by management.
  7. Failure to comply with rules or regulations that result in damage to national security, regardless of whether it was deliberate or negligent.
  8. Illegal or unauthorised:
    1. entry into any ICT system
    2. modification
    3. destruction
    4. manipulation
    5. denial of access

    to information, software, firmware or hardware in an ICT system.

  9. Use of any ICT system to gain unauthorised access to another system or to a compartmented area within the same system.
  10. Downloading, storing or transmitting security classified information on or to any unauthorised software, hardware or ICT system.
  11. Unauthorised use of a government or other ICT system.
  12. Introduction, removal or duplication of hardware, firmware, software or media to or from any ICT system without authorisation, when prohibited by rules, procedures, guidelines or regulations.
  13. Any misuse of ICT, whether deliberate or negligent, that results in damage to national security.
  14. Misuse of both government and private information and ICT systems are of concern.
Conditions that could mitigate security concerns

Conditions that could mitigate security concerns include:

  1. So much time has elapsed since the behaviour, or it has happened so infrequently or under such unusual circumstances, that it is unlikely to recur and does not cast doubt on the clearance subject's current reliability, honesty, trustworthiness or good judgement.
  2. The clearance subject responded favourably to counselling or remedial security training and now demonstrates a positive attitude towards the discharge of security responsibilities.
  3. The security violations were due to improper or inadequate training.
  4. The misuse was minor and done only in the interest of a bona fide emergency or operational imperative when no other timely alternative was readily available.
  5. The conduct was unintentional or inadvertent and was followed by a prompt, good faith effort to correct the situation and notify a supervisor.

Back to top

Emotional and mental health issues

Concerns

Certain emotional, mental and personality conditions can impair judgement, reliability or trustworthiness. A formal diagnosis of a disorder is not required for there to be a concern under this guideline.

A duly qualified mental health professional (eg clinical psychologist or psychiatrist) employed by or acceptable to and approved by the entity, must be consulted when evaluating potentially disqualifying and mitigating information under this guideline.

No negative inference concerning the standards in these guidelines may be raised solely based on seeking mental health counselling.

Conditions that could raise a security concern and may be disqualifying

Conditions that could raise a security concern and may be disqualifying include:

  1. Behaviour that casts doubt on a clearance subject's judgement, reliability or trustworthiness that is not covered under any other guideline, including emotionally unstable, irresponsible, dysfunctional, violent, paranoid or bizarre behaviour.
  2. An opinion by a duly qualified mental health professional that the clearance subject has a condition not covered under any other guideline that may impair judgement, reliability or trustworthiness.
  3. The clearance subject has failed to follow treatment advice related to a diagnosed emotional, mental or personality condition, for example failure to take prescribed medication.
Conditions that could mitigate security concerns

Conditions that could mitigate security concerns include:

  1. The identified condition is readily controllable with treatment and the clearance subject has demonstrated ongoing and consistent compliance with the treatment plan.
  2. The clearance subject has voluntarily entered a counselling or treatment program for a condition that is amenable to treatment and the clearance subject is currently receiving counselling or treatment with a favourable prognosis by a duly qualified mental health professional.
  3. Recent opinion by a duly qualified mental health professional employed by or acceptable to and approved by the entity seeking the clearance that a clearance subject's previous condition is under control or in remission and has a low probability of recurrence or exacerbation.
  4. The past emotional instability was a temporary condition (eg one caused by death, illness, or marital break-up), the situation has been resolved, and the clearance subject no longer shows indications of emotional instability.
  5. There is no indication of a current problem.

Back to top

 

Annex B. Variation of Special Minister of State's Determination 2012/1 for a Minister's electorate officer

The Special Minister of State Determination 2012/1 requires that staff of Ministers employed under Part III of the Members of Parliament (Staff) Act 1984 obtain and maintain a Negative Vetting Level 2 security clearance. Under the Determination, a Minister's Chief of Staff may request a variation of the security clearance requirement from the Secretary of the Attorney-General's Department.

The Secretary, Attorney-General's Department will consider a request to vary the requirement for a Negative Vetting Level 2 security clearance following endorsement by the portfolio department.

Annex B Table 1 Possible variations to Members of Parliament staff security clearance requirements

Electorate officers employed by an NSC Minister

SECRET or TOP SECRET

No variation. Negative Vetting Level 2 security clearance required

OFFICIAL, OFFICIAL: Sensitive or PROTECTED

Variation to Baseline security clearance may be sought

Electorate officers employed by a non-NSC Minister

TOP SECRET

No variation. Negative Vetting Level 2 security clearance required

SECRET

Variation to Negative Vetting Level 1 security clearance may be sought

OFFICIAL, OFFICIAL: Sensitive or PROTECTED

Variation to Baseline security clearance may be sought

Use the following form when requesting a variation of the Negative Vetting Level 2 security clearance requirement for Members of Parliament staff:

Back to top

Annex C. What is procedural fairness

Procedural fairness is concerned with the procedures used by a decision maker, rather than the actual outcome reached – it is a matter of administrative law. It requires a fair and proper procedure be used when making a decision. A decision maker who follows a fair procedure is more likely to reach a fair and correct decision. The two primary rules of procedural fairness are:

  1. the hearing rule, which requires a person be given an opportunity to be heard and express their views to a decision maker
  2. the bias rule, which requires a decision maker to be impartial.

The term procedural fairness is preferred when referring to administrative decision-making because the term 'natural justice' is associated with procedures used by courts of law. However, the terms have similar meaning and are commonly used interchangeably. For consistency, the term 'procedural fairness' is used in these guidelines.

Procedural fairness and security clearance decisions

To comply with administrative law principles, vetting agencies must apply the rules of procedural fairness to security clearance decisions that are adverse to a clearance subject, including decisions to deny or revoke a security clearance.

As part of the security clearance decision-making process and in accordance with the hearing rule, where an adverse decision is proposed, the Attorney-General's Department recommends that vetting agencies tell the clearance subject the case to be met (to the fullest extent possible consistent with national security) and give them an opportunity to reply before the delegate makes a decision. It is recommended that vetting agencies ensure that the clearance subject:

  1. is told the case to be met before preparing their reply, including being provided with a description of the proposed decision, the criteria for making that decision and the information on which any such decision would be based. It is recommended that negative information a vetting agency has about the clearance subject be disclosed to the extent possible consistent with national security. It is sufficient that a summary of the information being considered be provided to the clearance subject – original documents and the identity of confidential sources do not have to be provided
  2. is provided with a reasonable opportunity to consider their position and prepare a response
  3. have their reply considered by the delegate before the decision is made.

The bias rule requires that a delegate making a security clearance decision:

  1. does not have an interest (either direct or indirect) in the matter being decided
  2. does not bring, or appear to bring, a biased or prejudiced mind to making the decision.

A delegate must be impartial. Vetting agencies must maintain processes to ensure application of the bias rule to comply with administrative law principles.

Back to top

How does procedural fairness apply to a clearance subject who may be negatively affected by a delegate's decision?

If a clearance subject is negatively affected by a delegate's decision they can expect that the assessing officer and delegate will follow the rules of procedural fairness before reaching a conclusion. In particular, a clearance subject is entitled to:

  1. being told the case to be met (eg that an agency is considering denying, ceasing a clearance, or imposing conditions on the clearance), including being provided with a description of the proposed decision, the criteria for making that decision and the information on which the decision would be based (any negative or prejudicial information relating to the clearance subject must be disclosed to the extent possible consistent with national security)
  2. an opportunity to reply to the case to be met by a written reply or submission or, in very exceptional circumstances, a delegate may determine it appropriate that a face-to-face meeting be facilitated.

In submitting a reply to the delegate, a clearance subject may:

  1. deny the allegations
  2. provide evidence they believe disproves the allegations
  3. explain the allegations or present an innocent explanation
  4. provide details of any special circumstances they believe need to be taken into account.

How does procedural fairness apply to an assessing officer?

An assessing officer must take into account the requirements of procedural fairness during the clearance process, including when undertaking a security clearance assessment and preparing a recommendation for a delegate. To comply with administrative law principles when making a recommendation to a delegate, an assessing officer must:

  1. consider all submissions made by a clearance subject
  2. take into account only relevant information
  3. ensure that any recommendation made is based on evidence that is relevant and supports the recommendation
  4. act fairly and impartially
  5. conduct the clearance process without unnecessary delay
  6. ensure that a full record of the clearance process has been made.

How does procedural fairness apply to the delegate?

In making a security clearance decision that complies with administrative law principles, a delegate must comply with the rules of procedural fairness and ensure that:

  1. a clearance subject has been provided with an opportunity to be heard to make submissions if this has not already occurred
  2. they act fairly and impartially, including ensuring there is no reasonable perception of bias on the part of the delegate.

Back to top

Annex D. Review of decisions

The denial or granting of a security clearance, with or without specific clearance maintenance requirements, is an administrative decision and is reviewable. The avenues for review vary depending on the applicable vetting agency, sponsoring entity and the status of the clearance subject.

 

Employer

Administrative review process

APS employees

Primary review by the relevant vetting agency – an employee can seek an initial review conducted by the vetting agency. The employee has 120 days from notification of the security decision to request a review under regulation 5.24(1) of the Public Service Regulations 1999.

Secondary review by the Merit Protection Commissioner – an employee can seek an independent review if they are dissatisfied with a decision arising from the vetting agency's review or have been advised that the matter is not reviewable. An employee has 60 days from the time they are advised of the decision of the relevant vetting agency's review to make an application for review by the Merit Protection Commissioner under regulation 5.29(1) of the Public Service Regulations 1999. An employee seeking review must lodge their application with the vetting agency. The agency has 14 days to forward the application to the Merit Protection Commissioner with all of the relevant paperwork from the primary review.

Employees may also lodge a complaint with the Commonwealth Ombudsman. An Ombudsman will generally only investigate a complaint if other review processes have been completed within the relevant agency. If an employee is dissatisfied with the Ombudsman's decision whether to investigate a complaint, they can seek an internal review of the decision within 3 months.

Australian Defence Force members

Members may seek an internal review via the procedures outlined in Defence Complaints and Resolution Manual that is available to Australian Defence Force members.

Australian Defence Force members can also seek review by the Defence Force Ombudsman.

Non-APS employees

Employees may have access to internal review procedures set by the relevant vetting agency.

Employees may also lodge a complaint with the Commonwealth Ombudsman. An Ombudsman will generally only investigate a complaint if other review processes have been completed within the relevant agency. If an employee is dissatisfied with the Ombudsman's decision whether to investigate a complaint, they can seek an internal review of the decision within 3 months.

Back to top

A secondary review by the Merit Protection Commissioner cannot reverse a decision made by the delegate, under regulation 5.28 of the Public Service Regulations 1999. Instead, under the regulations the Commissioner must make a recommendation to the relevant authorised vetting agency. Under regulation 5.32, the vetting agency may confirm the action, vary it or set the action aside and substitute a new action in response to the recommendation. The agency must advise the Merit Protection Commissioner of its decision. If the Merit Protection Commissioner is not satisfied with the vetting agency's response, subsection 33(6) of the Public Service Act 1999 allows for the matter to be reported to the agency's minister, the Prime Minister and the Parliament.

The clearance subject may appeal in the Administrative Appeals Tribunal against any assessment or any decision made as a result of the ASIO assessment. The subject must be advised in writing within 14 days of any adverse or qualified ASIO assessment, taking into account any restrictions imposed by an Attorney-General's Certificate and provided with a copy of the unclassified security assessment and statement of grounds that sets out the case against them. The review process is conducted through the Security Division of the Administrative Appeals Tribunal. For information about how to apply for a review of a decision in the Security Division, see the Administrative Appeals Tribunal website.

The Attorney-General's Department recommends vetting agencies ensure the clearance subject has been given a chance to respond to any other suitability concerns. Any responses by the clearance subject will be included on the clearance subject's personal security file.

The clearance subject may also make a formal complaint to:

  1. the Privacy Commissioner, if they feel there was a breach of the Privacy Act 1988 in the way information was handled
  2. the Human Rights Commissioner, if they feel they have been unfairly discriminated against. Under section 20 of the Human Rights Commission Act 1986, the Commissioner will investigate a complaint or provide written notice explaining why the complaint will not be investigated. If the complaint refers to an action by an intelligence agency, the Commissioner will refer the complaint to the Inspector-General of Intelligence and Security.

The clearance subject may also seek judicial review of a vetting decision in the Federal Court of Australia or High Court of Australia under section 39B of the Judiciary Act 1903 or section 75(v) of the Constitution.

Back to top

Annex E. Digital footprint checks framework

Purpose

This framework assists vetting agencies to conduct digital footprint checks in a consistent manner. It also helps vetting agencies establish a picture of a clearance subject's digital footprint, including any online information or potential behaviours of concern that may require further checks or investigations.

This digital footprint check framework sets out:

  1. a definition of publicly accessible data
  2. the minimum required checks
  3. considerations for identifying and assessing online information.

A digital footprint is the unique pattern of electronic transactions made by an individual's online presence. An assessment of a clearance subject's digital footprint can provide insight into their life, interactions and personal views.

Information obtained from a digital footprint check can be combined with, or corroborate, other information obtained through personnel security vetting to provide assurance that a clearance subject has provided a full and truthful account of information relevant to the assessment of their integrity and, therefore, their suitability to hold a security clearance. The value of information obtained can differ significantly between clearance subjects and is dependent on their online engagement.

The Attorney-General's Department, in consultation with the AGSVA and the Vetting Officers Community of Practice, has developed the framework to align with the requirements of the PSPF.

Publicly accessible data

Requirement 3c(ii) of the PSPF policy: Eligibility and suitability of personnel mandates that vetting agencies conduct personnel security checks for all clearance levels (Baseline to Positive Vetting, inclusive) including a publicly accessible digital footprint check.

Online publicly accessible information refers to data that has been published online and is available publically. This includes information obtained by virtue of general memberships, accounts on online social platforms or websites that are available to anyone.

Information is not publicly accessible if it is available only by connecting, 'friending', 'liking' or directly interacting with a clearance subject or third party to bypass privacy controls or access information limited by privacy settings.

Publicly accessible data collected about an individual may be defined as personal information for the purposes of the Privacy Act 1988. Vetting agencies are responsible for ensuring that digital footprint check policies and procedures3 accord with the information requirements in the Privacy Act 1988, the Archives Act 1983 and any agency specific legislation.

Back to top

Minimum required checks

A digital footprint check establishes an initial picture of a clearance subject's online presence. An initial picture of a clearance subject's digital footprint is obtained by applying the minimum required checks to a degree that is proportionate to the background check period of the clearance level, any identified risks and personnel security risk assessments that apply. The minimum checks required to establish a digital footprint are an open internet search check and social media check as detailed in Annex E Table 1.

To conduct these checks effectively, vetting agencies need sufficient personal information about the clearance subject. This may include details of online aliases and accounts.4 The level of information requested from a clearance subject and the extent of checks against this information should be proportionate to the level of clearance, the relevant background check period and any identified security concerns or risks about the clearance subject.

 

Annex E Table 1 Minimum digital footprint checks

Check

Rationale

Recommended minimum search parameters

Open search check

An open search engine enables a wide screening of online data that may provide information on a clearance subject not captured in other security vetting checks.

The Attorney-General's Department recommends that vetting agencies check the clearance subject's details within an open search engine to screen for any publicly accessible information relating to the clearance subject that is relevant to establishing their integrity and assessing their suitability to hold an Australian Government security clearance, including:

  1. content generated by or attributable to the clearance subject
  2. financial, professional and personal interests
  3. key associates or influences
  4. legal or administrative proceedings
  5. media relating to clearance subject
  6. any other data relevant to the clearance subject's integrity.

Search terms:

  1. clearance subject's full name
  2. clearance subject's email address(es)
  3. account names, aliases or handles provided by the clearance subject (for large volume search returns it may be necessary to limit the search to a geographical location).

Time:

  1. relevant background check period (for large volume search returns it may be necessary to sample relevant returns).

Search engines:

  1. any open search engine (eg Google, Bing, Internet Archive).

Social media check

Online social media relating to the clearance subject can provide information about their online behaviour and social networks.

The Attorney-General's Department recommends that vetting agencies screen social media accounts and pages relating to the clearance subject for any publicly accessible information that is relevant to establishing their integrity and assessing their suitability to hold an Australian Government security clearance, including:

  1. posted content
  2. 'shared' and 'liked' content (this should be viewed with caution, however, may be useful if consistent with other information known about, or posts made by, the clearance subject)
  3. participation in online communities and interest groups
  4. pages or accounts followed
  5. networking and interactions with other online persons or accounts.

The extent of information that is publicly accessible will depend on the scale of the clearance subject's social media presence and the privacy settings they have set on each platform.

Search terms:

  1. clearance subject's full name
  2. clearance subject's email address(es), and
  3. account names, aliases or handles provided by the clearance subject (for large volume search returns it may be necessary to limit the search to a geographical location).

Time:

  1. relevant background check period (for large volume search returns it may be necessary to sample relevant returns).

Social media platforms:

  1. Facebook, Instagram, Twitter
  2. any platforms the clearance subject has disclosed in the vetting process
  3. any platforms identified in the open search check.

The results of the minimum checks may indicate the need for more targeted searches to collect additional information. Targeted searches may also be warranted in response to identified security concerns or to corroborate information obtained through the vetting process.

Back to top

Identifying and assessing online information

As an element of security vetting, the digital footprint check is conducted against the factor areas of the Personnel Security Adjudicative Guidelines. The check's purpose is to collect information to support the assessment of the clearance subject's suitability to hold a security clearance and to establish their integrity. The factor areas of the guidelines assist in focusing digital footprint checks against relevant criteria.

The Attorney-General's Department recommends that vetting agencies corroborate and verify the integrity of the information if the digital footprint check identifies information of security concern. Where there are remaining issues in attributing information to the clearance subject, it may be warranted to raise this with the clearance subject and provide them with an opportunity to clarify or provide further information.

Recommendations on a security clearance outcome should not rely solely on information collected through a digital footprint check.

The Attorney-General's Department recommends vetting agencies account for missing or inaccurate information and the possibility of a clearance subject (or third party) sanitising or obfuscating their digital footprint to create a misleading impression. Discrepant information, or where it is apparent information obtained through a digital footprint check has been omitted by the clearance subject in other vetting checks (eg close associates of foreign nationality, significant life events and international travel or employment), should be resolved by the vetting agency.

Online behaviour

Posts, photos and other online activities are all online behaviours. Some online behaviours may be indicators of security concern that require further investigation or consideration in the vetting process. Some examples of online behaviours that may be of security concern are described in Annex E Table 2.

 

Table 2 Examples of online behaviours that may be of security concern

Online behaviours

Relevant factor area(s)

Deliberate participation in or endorsement of ideological motivations that are anti-democratic, anti-rule of law or otherwise fundamentally undermine the rights of others to live in a free society.

External loyalties, influences and associations.
Security Attitudes and violations.

Indications of significant associations, activities or attitudes that draw into question the subject's loyalty to Australia.

External loyalties, influences and associations.

Appearing susceptible to, or easily succumbs to, groupthink or other conformity pressures (such as situations where the clearance subject continues to support dialogue that becomes intolerant, discriminatory or otherwise cruel).

Personal relationships and conduct.
External loyalties, influences and associations.

Indications of poor reliability or trustworthiness such as flagrant dishonesty, consistent tardiness and absenteeism.

Personal relationships and conduct.

Media profile obtained through circumstances that may bring reputational harm.

Personal relationships and conduct.

Attitudes favouring inappropriate disclosure of sensitive or otherwise confidential information, the misuse of information technology systems and/or wilfully contravening of rules or regulations governing the handling of sensitive information.

Security attitudes and violations.

Images or information indicating impulsive or ostentatious purchases that suggests poor financial management, or indications the clearance subject is living above and beyond their financial means.

Financial considerations.

Indications of inappropriate use of alcohol or drugs.

Alcohol and drug usage.

Engaging in criminal activity or deliberate rule violations.

Criminal history and conduct.
Security attitudes and violations.

Back to top

It can be difficult to establish the context of some online behaviour. However, vetting officers may identify and flag for further investigation any online activity of potential interest that may call into question a clearance subject's integrity and, therefore, their suitability to hold a security clearance. For example, further investigation may identify additional context such as a clearance subject following controversial pages for research interest rather than personal loyalty, or posting comments that are difficult to interpret without knowledge of a community's culture or influences. This additional context could mitigate the concerns identified against the relevant factor areas.

Keeping records of online information

Vetting agencies should only retain publicly accessible information that is directly related to, or reasonably necessary for, assessing the clearance subject's suitability to hold an Australian Government security clearance. Personal information (other than sensitive personal information5 about a third party to the clearance subject should not be collected unless it is relevant to the clearance subject's suitability to hold a security clearance.

The Attorney-General's Department recommends that vetting agencies comprehensively document information obtained through a digital footprint check because of the changing nature of online information. Information must have a relevant bearing on a clearance subject's suitability to hold a security clearance, including screenshots and direct links where possible.

Back to top


1For locally engaged personnel, an entity may grant a waiver for citizenship eligibility where the preferred person is not an Australian citizen and the entity understands and agrees to manage that risk.

2This includes a security clearance issued by a state or territory government in accordance with the Memorandum of Understanding for the Protection of National Security Information between the Commonwealth, states and territories, where the personal security file is transferred to an authorised vetting agency.

3 Including the management and storage of online information collected through digital footprint checks.

4 This could also include full names, AKAs, nicknames, handles, personas, email addresses, URLs as well as telephone numbers, addresses, car registration details and other identifiable details of online accounts managed by the clearance subject.

5 Sensitive personal information about a third party can only be collected if the third party consents to the collection. For information, see the Office of the Australian Information Commissioner Australian Privacy Principle Guidelines.​​​

​​

<<< Robust ICT systems

Ongoing assessment of personnel >>>

​​​​