Australian Government - click here to go to our home page

go to start   text resizing

Australian Public Service Commission
Foundations of Governance - Click to go to the Foundations home page

in Foundations

A-Z index
In this section:

on our site

Site help

help with using this site

Site menu

news

SecurityAPS Commission Home page
> Foundations of Governance
> Security > Next: Native title and dealing with land
‹ Previous page

Last updated: August 2008

Security

In the current international environment, effective security in Government is imperative to Australia’s national interest. It is important for agency heads to be aware of their security responsibilities to ensure the protection of Government information and the safety of employees and Australian citizens.

Australian Government Protective Security Manual

An appropriate protective security environment is fundamental, not only to good business and management practice but, ultimately, to good government. While the government as a whole is responsible for the protective security of the Commonwealth, individual Ministers are responsible for securing the operation of their portfolios. In practice, day-to-day management of protective security arrangements in a Australian Government agency is the responsibility of the agency head.

The Australian Government Protective Security Manual (PSM) is the principal means for disseminating Commonwealth protective security policies, principles, standards and procedures to be followed by all Australian Government agencies for the protection of official resources. It provides minimum common standards in protective security for all Australian Government agencies and contractors and their employees performing services for, and on behalf of the Australian Government. These minimum standards ensure that there is a consistent approach to protective security within and between agencies. The availability of the PSM is restricted to government agencies and contractors working to government. The PSM was reviewed and reissued in October 2005.

The PSM covers the following areas:

Security and character checking of employees

Information supplied by:

For more information:

An agency head is responsible for ensuring appropriate levels of security and character clearance of persons engaged or who move to an agency. This would normally be done through imposing such clearance as a condition of engagement or as an essential qualification. Section 22 of the Public Service Act 1999 allows an agency head to engage an employee subject to the employee meeting certain specified conditions (including possession of or gaining of Australian citizenship and the meeting of specified security and character clearances) which have been notified to the employee prior to engagement. An agency head can impose essential qualifications on a set or sets of duties. These qualifications must then be met by anyone who is selected to perform the duties.

Online security

Information security is the responsibility of iagencies, but risk is increasingly shared across agencies as ICT online services are delivered on a multi-agency, multi-jurisdictional or whole-of-government basis.

Australian Government agencies are bound by the Protective Security Manual (PSM), issued by the Attorney-General’s Department (AGD), and the Australian Government Information and Communications Technology Security Manual (ACSI 33), which is issued by the Defence Signals Directorate (DSD).

The PSM is the principal means for disseminating Australian Government protective security policies, principles, standards and procedure, to be followed by all Australian Government agencies for the protection of official resources.

ACSI 33 is the primary source of information security policy and guidance for agencies. It provides policy and guidance to agencies on how to protect their ICT systems. Australian Government agencies are required by the PSM to comply with ACSI 33. It has been written to be consistent with the relevant Australian standards, including:

The Australian Government Information Management Office (AGIMO) provides advice and assistance about whole of government ICT usage and business continuity to the Australian Government and prepares best practice guides to increase the information available to departments to manage their ICT risks. AGIMO works closely with agencies, other tiers of government and the ICT industry to enhance the security of government information and systems.

Privacy issues in Australian Government internet sites

To assist agencies to comply with the Privacy Act 1988, and adopt best practice in relation to privacy, the Privacy Commissioner has developed Guidelines for Federal and ACT Government Websites for agencies to use when implementing websites.

The Australian Government e-Authentication Framework (AGAF)

The AGAF for business provides a guide for the Australian Government on how to conduct transactions securely with businesses on a wide range of matters and through a wide range of delivery channels.

The AGAF for individuals provides guidance to agencies whose electronically delivered services require e-authentication of individual’s identity or a related assertion.

The Identity Management for Australian Government Employees Framework (IMAGE) is an integrated, better practice approach for identity management of Australian Government employees and contractors.

Gatekeeper

Gatekeeper is the Australian Government’s strategy for the use of Public Key Infrastructure (PKI) in government for the authentication of external clients (Organisations, Individuals and other entities). The Strategy ensures a whole-of-government framework that delivers integrity, interoperability, authenticity and trust for Agencies and their clients.

Commonwealth fraud control guidelines

Information supplied by:

For more information:

Fraud against the Australian Government is a major concern to the Government.

The Commonwealth Fraud Control Guidelines outline the Government’s requirement that Australian Government agencies put in place a comprehensive fraud control programme to protect Australian Government revenue, expenditure and property from attempts to gain illegal benefits.