Physical security


Each entity provides a safe and secure physical environment for their people, information and assets.

Australian Government entities are entrusted with significant resources, which are held on behalf of the Australian people. These resources – the entity's people, information and assets – enable the business of government and allow Australian Government entities to efficiently and effectively deliver a wide range of services for the Australian people. By implementing the PSPF physical security core requirements, supporting requirements, and guidance in the context of the entity's risk environment, each entity aims to protect these resources and provide a safe and secure physical environment for their people, information and assets.

Core requirements for physical security

Policy title Core requirement

Physical security for entity resources

Each entity must implement physical security measures that minimise or remove the risk of:

  1. harm to people, and
  2. information and physical asset resources being made inoperable or inaccessible, or being accessed, used or removed without appropriate authorisation.

Entity facilities

Each entity must:

  1. ensure it fully integrates protective security in the process of planning, selecting, designing and modifying its facilities for the protection of people, information and physical assets
  2. in areas where sensitive or security classified information and assets are used, transmitted, stored or discussed, certify its facility's physical security zones in accordance with the applicable ASIO Technical Notes, and
  3. accredit its security zones.