Australian Government and international resources
There are a small number of Australian Government entities that provide information, services and advice that will help entities to implement the PSPF.
- Australian Security Intelligence Organisation
- Australian Cyber Security Centre
- Commonwealth Fraud Prevention Centre
- Australian Public Service Commission
- Department of Finance.
Australian Government protective security resources
The Protective Security Policy team in the Attorney-General's Department manages the protective security policy community on GovTEAMS. This online community provides a forum for Australian Government protective security practitioners and policy makers to share information and best practice. The site has an extensive publications library with information, designated for limited distribution, to facilitate implementing the PSPF.
Access to the GovTEAMS community is only available to government personnel. To request access, complete the website’s 'Contact us' form.
ASIO Outreach is the principal interface between the Australian Security Intelligence Organisation (ASIO) and government and industry stakeholders. It provides information in a variety of ways, including:
- a subscriber-controlled website
- ASIO-hosted briefings
- face-to-face engagement
- joint government and industry forums.
These mechanisms aim to provide risk management government and industry decision-makers with the most current security intelligence and protective security advice.
This assists them to:
- recognise and respond to national security threats
- develop appropriate risk mitigation strategies
- provide informed briefings to executives and staff.
The ASIO Outreach website contains intelligence-backed reporting on the domestic and international security environment, drawn from ASIO's information holdings and expertise (including the multi-agency National Threat Assessment Centre, ASIO's protective security area (T4) and the Counter-Espionage and Interference Division) and some foreign intelligence partner agency reports.
Access to the website is free. To subscribe, visit the ASIO Outreach website.
Australian Cyber Security Centre (ACSC)
The Australian Cyber Security Centre ACSC) is the Australian Government's lead on national cyber security. It brings together cyber security capabilities from across the Australian Government to improve the cyber resilience of the Australian community and support the economic and social prosperity of Australia in the digital age.
It is responsible for policy guidance, specialised information security training and professional forums supporting government information security. Visit the ACSC website for information security resources, including the Strategies to Mitigate Cyber Security Incidents and the Australian Government Information Security Manual.
Through the Australian Cyber Security Centre, the Australian Signals Directorate provides cyber security advice and assistance to Australian governments, businesses and individuals. The Intelligence Services Act 2001 establishes the Australian Signals Directorate as the Commonwealth authority on the security of information.
Security Construction and Equipment Committee (SCEC)
The Security Construction and Equipment Committee is a standing inter-departmental committee responsible for the evaluation of security equipment for use by Australian Government departments and agencies. SCEC is also responsible for the SCEC Security Zone Consultant scheme, SCEC Approved Locksmith scheme, and SCEC endorsed Courier scheme. SCEC's equipment evaluation program and consultant, locksmith and courier schemes are managed by ASIO's T4 Protective Security.
The Office of the Australian Information Commissioner
The Office of the Australian Information Commissioner's 3 primary functions – privacy, freedom of information and government information policy – are all relevant to implementing the PSPF. Their website includes information about the Australian Privacy Principles and the Notifiable Data Breaches scheme.
Australian Public Service Commission
The Australian Public Service Commission provides advice and resources on a range of matters relating to the Australian Public Service and public sector workforce management. Its purpose is to position the APS workforce for the future, by shaping the APS workforce, modernising the employment framework, building workforce capability, and promoting integrity. The APSC has published Handling Misconduct: a human resource manager's guide to help APS agencies and employees understand misconduct processes in the Australian Public Service.
Commonwealth Fraud Control Framework
The Commonwealth Fraud Prevention Centre is part of the Attorney-General's Department. It is responsible for coordinating fraud control policy. Fraud against the Commonwealth is a serious matter for all Australian Government departments and agencies, and the community. It prevents taxpayer dollars from reaching intended targets and affects the government's ability to deliver key services.
The Commonwealth Fraud Control Framework outlines the Australian Government's requirements for fraud control. One of these is that government entities must put in place a comprehensive fraud control program that covers prevention, detection, investigation and reporting strategies.
Reports, audits and inquiries
The Australian National Audit Office), as well as some parliamentary committees and Australian Government entities, conduct audits and inquiries, and produce reports with findings relevant to protective security.
ANAO audit reports
The ANAO's annual work program often includes performance audits on the implementation of protective security policy in selected government agencies. Reports of past audits are available on the ANAO website, which can be searched by key words, sector or year. Recent performance audit reports that are relevant to the implementation of the PSPF include:
- Cyber Security Strategies of Non-Corporate Commonwealth Entities (ANAO Report No. 32 of 2020-21) – Published 19 March 2021
- Cyber Resilience (ANAO Report No. 53 of 2017–2018) – Published 28 June 2018
- Mitigating Insider Threats through Personnel Security (ANAO Report No. 38 of 2017-2018) – Published 11 May 2018
Check the ANAO's annual work program for information on upcoming performance audits.
Joint Committee of Public Accounts and Audit
The Joint Committee of Public Accounts and Audit (JCPAA) examines all Auditor-General reports that are tabled in each House of the Parliament. This includes performance audit reports. Find out more about the role of the JCPAA on the Parliament of Australia website.
Our international partners have a range of resources that may be useful for entities implementing the PSPF. This list is not exhaustive – if you use other international resources please contact us and provide details so that we can keep this list up to date.
Treasury Board of Canada Secretariat
The Treasury Board of Canada Secretariat is responsible for Canadian protective security policies, directives, standards and guidelines.
Royal Canadian Mounted Police
The Royal Canadian Mounted Police provide policy and practical advice to Canadian agencies on physical security.
UK Cabinet Office
The UK Cabinet Office maintains protective security policies for the UK Government.
This includes the UK Security Policy Framework, which provides central internal protective security policy and risk management for UK Government departments and associated bodies.
Centre for the Protection of National Infrastructure resources
The Centre for the Protection of National Infrastructure provides integrated security advice (combining information, personnel and physical) to organisations that make up the UK national infrastructure. CPNI advice helps to reduce the vulnerability of the UK national infrastructure to terrorism and other threats to national security.
Their advice covers security planning, physical security, personnel security and cyber security/information assurance.
The CPNI YouTube channel contains short videos that can be used to assist in agency security awareness training.
United Kingdom Security Vetting
United Kingdom Security Vetting is the single government provider of national security vetting. They are responsible for security vetting to enable the UK government to protect its citizens and provide vital public services, by understanding and managing security risks.
United States of America
Department of Homeland Security – Cybersecurity and Infrastructure Security Agency (CISA)
CISA works with partners at all levels of the US Government, and from the private and non-profit sectors, to share information and build greater trust to make US cyber and physical infrastructure more secure.
Defense Personnel and Security Research Center (PERSEREC)
Researchers at PERSEREC:
- conduct applied research and development to improve personnel suitability, security, and reliability policy and practice
- conduct long-term programmatic research and development for the human resource management, security, and intelligence communities
- provide quick-response studies and analyses in support of policy formation and systems operation
- disseminate research information to policymakers and practitioners
- develop innovative systems, tools, and job aids for policymakers, managers, and practitioners concerned with personnel suitability, security, and reliability.