Commonwealth entities have security obligations and a responsibility for the secure delivery of Government business. It is also important that Commonwealth entities protect their information and systems from cyber threats. Digital assets are integral to the execution of business priorities. There is also guidance on how you may invest in IT infrastructure and data management.
Topics covered in this section of the guide:
- Protective Security Policy Framework
- Cyber Security Principles and Guidelines
- Digital procurement and IT investment
- Establishing and maintaining digital assets
Useful resources and contact information are available in the tables below.
Protective Security Policy Framework
The Protective Security Policy Framework has been developed to assist Commonwealth Government entities to protect their people, information and assets.
The Protective Security Policy Framework articulates protective security policy and provides guidance to entities to support the effective implementation of the policy across the areas of security governance, personnel security, physical security and information security.
Key Tasks
|
Task |
Explanation |
Resources |
Contact |
|---|---|---|---|
|
Appoint a Chief Security Officer |
The Protective Security Policy Framework requires the appointment of a Chief Security Officer who has the oversight and is empowered to make decisions on all elements of protective security within that entity. |
Attorney-General’s Department 02 6141 3600 |
Cyber Security
The Australian Government Information Security Manual outlines a cyber security framework that your entity can apply. The Security Manual includes the Cyber Security principles and Cyber Security guidelines.
Key Tasks
|
Task |
Explanation |
Resources |
Contact |
|---|---|---|---|
|
Appoint a Chief Information Security Officer |
It is important that each organisation appoints a Chief Information Security Officer to provide cyber security leadership. |
Australian Signals Directorate – Australian Cyber Security Centre 1300 CYBER1 (1300 292 371) |
Digital procurement and IT investment
The Digital Transformation Agency (DTA) has developed guidance to assist entities establish their digital footprint, key tasks include IT procurement, data management and web hosting.
| Task | Contact |
|---|---|
|
Digital Procurement – tools, mandatory and optional panels and frameworks for procuring technology goods and services for government. |
|
| DTA reviews, monitors and provides advice on digital investment. | Digital and ICT investments |
Establishing and maintaining digital assets
The DTA also accelerates government digital transformation by helping agencies move more services online, deliver a better user experience to users and ensure the best use of government’s digital spend.
Guidance on implementing and using IT in Government including:
- Digital Service Standard – mandated principles for designing and delivering government services
- Data and Digital Government Strategy | DDGS provides guidance for Australian Government departments and agencies who create or manage digital service platforms
- Data and Digital Government Strategy | DDGS
- Whole-of-government Hosting Strategy
- Secure Cloud Strategy
IT Infrastructure and information tools including:
- data.gov.au - beta makes it easy to find and use data from government agencies and other organisations
- Observatory Terms of Service | Digital Transformation (dta.gov.au)
- NationalMap | Geoscience Australia (ga.gov.au) provides map-based spatial data from government agencies
- Gov.au Observatory measures how people interact with government
- Media Release Service collects media releases from Australian Government websites and emails them to subscribers each day
- Secure Cloud Strategy | Digital Transformation Agency (dta.gov.au) a secure cloud-based platform for hosting website applications
