Policy 9: Access to information
- Information security
This policy details security protections that support an entity to provide timely, reliable and appropriate access to official information.
Access to OFFICIAL government information must be appropriately controlled, especially when sharing sensitive or security classified information, or disclosing information outside of government.
Entities must consider the information they share and disclose. They must have arrangements in place when sharing information with people outside government.
For people inside government, entities need to ensure the individual has the appropriate security clearance and a need to know. There are access exceptions for some Australian office holders.
Stringent protections apply to caveated information. Of particular note are the following releasability caveats:
- Australian Eyes Only (AUSTEO)
- Australian Government Access Only (AGAO)
- Releasable to (REL) that limit access to resources based on citizenship.
In some limited circumstances, temporary access to classified resources may be required. Short term or temporary access may be granted after considering the security risks.
Entities must put in place measures to control access to information systems holding sensitive and classified information.