Showing 11 - 20 of 24 results
Policy 3: Security planning and risk management
This policy describes how to establish effective security planning, embed security into risk management practices and use security planning risk management to assist decision-making.
Policy 4: Security maturity monitoring
This policy describes how an entity monitors and assesses the maturity of their security risk culture and their ability to actively respond to emerging threats and changes in their security environment, while protecting their people, information and assets.
Policy 5: Reporting on security
Entities must undertake an annual assessment of the maturity of their security capability and how they are implementing the PSPF core and supporting requirements. This policy sets out how to report and what information entities must include.
Policy 6: Security governance for contracted goods and service providers
This policy guides how to assess and manage security risks when procuring goods and services. It supports the Commonwealth Procurement Rules that govern how entities procure goods and services.
Policy 7: Security governance for international sharing
This policy details protections for sensitive and security classified information and assets under international sharing agreements and arrangements to which Australia is a party.
Policy 8: Sensitive and classified information
This policy details how to correctly assess the sensitivity or security classification of information. It also details marking, handling, storage and disposal arrangements to guard against information compromise.
Policy 9: Access to information
This policy details security protections that support an entity to provide timely, reliable and appropriate access to official information.
Policy 10: Safeguarding data from cyber threats
This policy describes how to mitigate common and emerging cyber threats facing the Australian Government.
Policy 11: Robust ICT systems
This policy describes how to safeguard information and communication technology (ICT) systems to support the secure and continuous delivery of government business.
Policy 12: Eligibility and suitability of personnel
This policy details the pre-employment screening processes and standardised vetting practices entities must undertake when employing personnel and contractors.