Commonwealth entities have security obligations and a responsibility for the secure delivery of Government business. It is also important that Commonwealth entities protect their information and systems from cyber threats. Digital assets are integral to the execution of business priorities. There is also guidance on how you may invest in IT infrastructure and data management.
Topics covered in this section of the guide:
- Protective Security Policy Framework
- Cyber Security Principles and Guidelines
- Digital procurement and IT investment
- Establishing and maintaining digital assets
Useful resources and contact information are available in the tables below.
Protective Security Policy Framework
The Protective Security Policy Framework has been developed to assist Commonwealth Government entities to protect their people, information and assets.
The Protective Security Policy Framework articulates protective security policy and provides guidance to entities to support the effective implementation of the policy across the areas of security governance, personnel security, physical security and information security.
Key Tasks
|
Task |
Explanation |
Resources |
Contact |
|---|---|---|---|
|
Appoint a Chief Security Officer |
The Protective Security Policy Framework requires the appointment of a Chief Security Officer who has the oversight and is empowered to make decisions on all elements of protective security within that entity. |
Attorney-General’s Department 02 6141 3600 |
Cyber Security
The Australian Government Information Security Manual outlines a cyber security framework that your entity can apply. The Security Manual includes the Cyber Security principles and Cyber Security guidelines.
Key Tasks
|
Task |
Explanation |
Resources |
Contact |
|---|---|---|---|
|
Appoint a Chief Information Security Officer |
It is important that each organisation appoints a Chief Information Security Officer to provide cyber security leadership. |
Australian Signals Directorate – Australian Cyber Security Centre 1300 CYBER1 (1300 292 371) |
Digital procurement and IT investment
The Digital Transformation Agency (DTA) has developed guidance to assist entities establish their digital footprint, key tasks include IT procurement, data management and web hosting.
| Task | Contact |
|---|---|
|
Digital Procurement – tools, mandatory and optional panels and frameworks for procuring technology goods and services for government. |
https://www.dta.gov.au/help-and-advice/ict-procurement/digital-sourcing-framework-ict-procurement |
| DTA reviews, monitors and provides advice on digital investment. | https://www.dta.gov.au/help-and-advice/digital-and-ict-investment |
Establishing and maintaining digital assets
The DTA also accelerates government digital transformation by helping agencies move more services online, deliver a better user experience to users and ensure the best use of government’s digital spend.
Guidance on implementing and using IT in Government including:
- Digital Service Standard – mandated principles for designing and delivering government services
- Digital Service Platforms Strategy provides guidance for Australian Government departments and agencies who create or manage digital service platforms
- Digital Transformation Strategy
- Whole-of-government Hosting Strategy
- Secure Cloud Strategy
IT Infrastructure and information tools including:
- Data.gov.au makes it easy to find and use data from government agencies and other organisations
- Google Analytics 360 for Government
- National Map provides map-based spatial data from government agencies
- Gov.au Observatory measures how people interact with government
- Media Release Service collects media releases from Australian Government websites and emails them to subscribers each day
- Notify tool to send sms and emails to your client base
- Cloud.gov.au a secure cloud-based platform for hosting website applications
- The Australian Government Design System