The PSPF is structured around four key security outcomes:
Security Governance
Governance serves as the foundation of the PSPF. Each agency must establish and maintain a secure operational culture by adopting policies and appointing a Chief Security Officer (CSO) to oversee compliance. Agencies perform regular risk assessments to manage vulnerabilities and enforce consistent security protocols.
Information Security
Information security aims to protect sensitive government information. Agencies must classify information based on sensitivity and apply controls, such as encryption and access management, to safeguard confidentiality and integrity. Information security policies and training programs ensure employees understand their responsibilities in handling sensitive data.
Personnel Security
Personnel security ensures individuals with access to sensitive information are trustworthy. AGSVA conducts security vetting to assess the reliability of employees, providing clearances at various levels (Baseline, NV1, NV2, and PV) depending on access needs. Agencies manage ongoing personnel security, maintaining accurate records and monitoring any changes in employees’ circumstances that might affect their suitability.
Physical Security
Physical security protects assets and personnel against unauthorized access and threats. Agencies apply measures such as access controls, surveillance, and secure storage, conducting regular assessments to address vulnerabilities.
Key roles under the PSPF include the Chief Security Officer (CSO), who is responsible for developing security policies and ensuring agency compliance, and Security Advisors, who provide expert support. All employees play a role in adhering to security protocols and reporting incidents.
The AGSVA plays a central role in personnel security, conducting vetting processes that ensure only reliable individuals receive security clearances. This includes levels like Baseline, NV1, NV2, and Positive Vetting (PV). Through background checks and assessments, AGSVA helps agencies minimize insider threats and maintain a secure environment.
Successful PSPF implementations include:
The PSPF ensures Australia’s government agencies operate securely and effectively. By focusing on governance, information, personnel, and physical security, it addresses multiple dimensions of risk. AGSVA’s role in vetting reinforces the importance of trust and reliability in handling sensitive information, further supporting Australia’s national security interests.