The content on this page and other Finance archive pages is provided to assist research and may contain references to activities or policies that have no current application. See the full archive disclaimer.
Cyber security is largely managed by the Department of Prime Minister and Cabinet at http://www.dpmc.gov.au/cyber-security.
The Australian Government's April 2016 Cyber Security Strategy [ PM&C website] ('the Strategy') recognises that organisations in both the public and private sectors need to better understand cyber risks and have stronger cyber defences. Cyber security is too often viewed as simply an IT issue—it belongs at the centre of business strategy, for organisations across the public and private sectors.
Australian Government departments and entities are responsible for protecting their assets and information from cyber attacks. Entity business cases for ICT-enabled proposals to Government must identify how cyber security risks will be managed and how the proposal will comply with relevant Government cyber security policies.
Finance, through Investment, Capability and Assurance, provides guidance to agencies on cyber security requirements for business cases. To assist entities, it has released more detailed advice to each entity's Chief Financial Officer.Contact informationInvestment, Capability and AssuranceDepartment of Finance
Australian Government Protective Security Policy Framework (PSPF)
The PSPF is issued by the Attorney-General's Department on behalf of the Protective Security Policy Committee (PSPC).
It is the principal means for disseminating Australian Government protective security policies, principles, standards and procedures, to be followed by all Australian Government entities for the protection of official resources. The PSPF is official information and its availability is restricted to Australian Government entities. Contractors working for Australian Government entities may be provided with the sections of the PSPF required to meet contractual obligations by the contracting entity.
For more information:
The Australian Government Information Security Manual
The ISM has been developed by ASD to provide policies and guidance to Australian Government entities on how to protect their ICT systems.
Australian Government entities are required by the PSPF to comply with the ISM. Entities must consider the security implications of their IT systems and devise policy and plans to ensure the systems are appropriately protected.
For more information:
Online services offer the public a convenient and accessible way to access government services. However, as the use of online government services continue to grow, so too does the scale, sophistication and frequency of hacking, malicious cyber attacks and cyber crime. Finance, through Investment, Capability and Assurance, in conjunction with the Australian Signals Directorate (ASD) and the Attorney-General's Department has developed guidance to support Australian Government agencies in minimising the risk of harm to the public when they transact online with the Australian Government. The Guidance is titled Agency cyber security responsibilities when transacting online with the public [ - 226 KB External Document].Contact informationProtective Security Policy SectionAttorney-General's Department3-5 National CircuitBARTON ACT 2600Email: email@example.com Information Security Operations BranchAustralian Signals DirectoratePO BOX 5076KINGSTON ACT 2604Email: firstname.lastname@example.org
Visit the Digital Transformation Office (DTO)
Contact for information on this page: email@example.com