Australian Government resources on protective security
Protective security policy community on GovTEAMS
The Protective Security Policy team in the Attorney-General's Department manages the protective security policy community on GovTEAMS. This community on GovTEAMS. This community provides a number of forums for Australian Government protective security practitioners and policy makers to share information and best practice. The site also contains additional resources and information on implementing the PSPF that have been designated for limited distribution. Access to the GovTEAMS community is only available to Australian government personnel–requests for access can be sent using the 'Contact us' form on this website.
Other online resources
There are a number of other Australian Government entities with responsibilities that support the implementation of the PSPF, including the lead security entities listed in the PSPF policy: Role of the Accountable Authority. Many of these entities provide information and advice online (either on their primary website or a related, dedicated website) that is relevant to implementing the PSPF, or have resources available through other means. The following list is not exhaustive–entities using other information sources are requested to contact us and provide details so that we can keep this list up to date.
ASIO Business and Government Liaison Unit
The ASIO Business and Government Liaison Unit (ASIO-BGLU) is the principal interface between the Australian Security Intelligence Organisation (ASIO) and government and industry stakeholders. The BGLU provides information via a number of means including a subscriber-controlled website, ASIO-hosted briefings, face to face engagement and participation in joint government and industry forums. All these mechanisms are aimed at providing risk management decision-makers within government and industry with the most current security intelligence and protective security advice to assist them to:
- recognise and respond to national security threats
- develop appropriate risk mitigation strategies
- provide informed briefings to executives and staff.
Access to BGLU information is limited to registered BGLU subscribers. Visit the ASIO-BGLU website to subscribe.
Australian Cyber Security Centre
The Australian Cyber Security Centre (ACSC) is the Australian Government's lead on national cyber security. It brings together cyber security capabilities from across the Australian Government to improve the cyber resilience of the Australian community and support the economic and social prosperity of Australia in the digital age. The Australian Signals Directorate (ASD) through the Australian Cyber Security Centre (ACSC) provides cyber security advice and assistance to Australian governments, businesses and individuals. The Intelligence Services Act 2001 establishes ASD as the Commonwealth authority on the security of information.
ACSC is responsible for policy guidance, specialised information security training and professional forums supporting government information security. ACSC information security resources, including the Strategies to Mitigate Cyber Security Incidents and the Australian Government Information Security Manual (ISM) are available on the ACSC website and on the new www.cyber.gov.au website.
Security Construction and Equipment Committee
The Security Construction and Equipment Committee (SCEC) is a standing inter-departmental committee responsible for the evaluation of security equipment for use by Australian Government departments and agencies. SCEC is also responsible for the SCEC Security Zone Consultant scheme, SCEC Approved Locksmith scheme, and SCEC endorsed Courier scheme. SCEC's equipment evaluation program and consultant, locksmith and courier schemes are managed by ASIO's T4 Protective Security.
The Office of the Australian Information Commissioner
The Office of the Australian Information Commissioner's (OAIC) three primary functions–privacy, freedom of information and government information policy–are all relevant to implementing the PSPF. The range of resources available on the OAIC website includes information on the application of the Australian Privacy Principles (APPs) and the Notifiable Data Breaches scheme.
Australian Public Service Commission
The Australian Public Service Commission (APSC) provides advice and resources on a range of matters relating to the Australian Public Service (APS) and public sector workforce management. Its purpose is to position the APS workforce for the future, by shaping the APS workforce, modernising the employment framework, building workforce capability, and promoting integrity. The APSC has published Handling Misconduct: a human resource manager's guide to help APS agencies and employees understand misconduct processes in the Australian Public Service.
Commonwealth Fraud Control Framework
The Attorney-General's Department is responsible for coordinating fraud control policy. Fraud against the Commonwealth is a serious matter for all Australian Government departments and agencies, and the community. It prevents taxpayer dollars from reaching intended targets and affects the government's ability to deliver key services. The Commonwealth Fraud Control Framework outlines the Australian Government's requirements for fraud control, including that government entities put in place a comprehensive fraud control program that covers prevention, detection, investigation and reporting strategies.
Trusted Information Sharing Network (TISN)
The Trusted Information Sharing Network (TISN) for Critical Infrastructure Resilience provides an environment where business and government can share vital information on security issues relevant to the protection of our critical infrastructure and the continuity of essential services in the face of all hazards.
The TISN produces a number of resilience publications.
Reports, audits and inquiries
The Australian National Audit Office (ANAO), as well as some parliamentary committees and Australian Government entities conduct audits and inquiries, and produce reports with findings relevant to protective security. The following is a non-exhaustive list of relevant resources:
ANAO audit reports
The ANAO's annual work program often includes performance audits on the implementation protective security policy in selected government agencies. Reports of past audits are available on the ANAO website, which can be searched by key words, sector or year. Recent performance audit reports that are relevant to the implementation of the PSPF include:
- Cyber Resilience (ANAO Report No. 53 of 2017–2018)–Published 28 June 2018
- Mitigating Insider Threats through Personnel Security (ANAO Report No. 38 of 2017-2018)–Published 11 May 2018
Check the ANAO's annual work program for information on upcoming performance audits.
Joint Committee of Public Accounts and Audit
The Joint Committee of Public Accounts and Audit (JCPAA) examines all reports of the Auditor-General that are tabled in each House of the Parliament, including reports of the results of performance audits. More information about the role of the JCPAA can be found on the Parliament of Australia website. Recent JCPAA reports and inquiries relating to the PSPF include: