PSPF

Attorney-General’s Department (AGD)’s Protective Security Policy Framework (PSPF). Focuses on outcomes:

• security governance
• information security
• personnel security
• physical security.

• PSPF History
• PSPF Framework
  • 5 PSPF Principles
  • 4 PSPF Outcomes
  • 16 PSPF Core Requirements
  • Guidance material.
  • Chief Security Officer

Governance

• Principles
  • Security is everyone's responsibility. Developing and fostering a positive security culture is critical to security outcomes.
  • Security enables the business of government. It support the efficient and effective delivery of services.
• Core requirements
  • 1. PSPF: Role of accountable authority
  • 2. PSPF: Management structures and responsibilities
  • 3. PSPF: Security planning and risk management
  • 4. PSPF: Security maturity monitoring
  • 5. PSPF: Reporting on security
  • 6. PSPF: Security governance for contracted goods and service providers
  • 7. PSPF: Security governance for international sharing

Information

• Principles
  • Security measures applied proportionately protect entities' people , information and assets in line with their assessed risks.
  • Accountable authorities own the security risks of their entity and the entity's impact on shared risks.
  • A cycle of action, evaluation, and learning is evident in response to security incidents.
• Core Requirements
  • 8. PSPF: Sensitive and classified information
  • 9. PSPF: Access to information
  • 10. PSPF: Safeguarding information from cyber threats
  • 11. PSPF: Robust ICT systems

Personnel

• • 12. PSPF: Eligibility and suitability of personnel
  • 13. PSPF: Ongoing assessment of personnel
  • 14. PSPF: Separating personnel

Physical

• • 15. PSPF: Physical security for entity resources
  • 16. PSPF: Entity facilities

Links

• https://www.protectivesecurity.gov.au/

Related

• ISM