IT & security

Commonwealth entities have security obligations and a responsibility for the secure delivery of Government business. It is also important that Commonwealth entities protect their information and systems from cyber threats. Digital assets are integral to the execution of business priorities. There is also guidance on how you may invest in IT infrastructure and data management. 

Topics covered in this section of the guide:

  • Protective Security Policy Framework
  • Cyber Security Principles and Guidelines
  • Digital procurement and IT investment
  • Establishing and maintaining digital assets

Useful resources and contact information are available in the tables below.


Protective Security Policy Framework

The Protective Security Policy Framework has been developed to assist Commonwealth Government entities to protect their people, information and assets.

The Protective Security Policy Framework articulates protective security policy and provides guidance to entities to support the effective implementation of the policy across the areas of security governance, personnel security, physical security and information security.

Key Tasks





Appoint a Chief Security Officer

The Protective Security Policy Framework requires the appointment of a Chief Security Officer who has the oversight and is empowered to make decisions on all elements of protective security within that entity.

Protective Security Website

Attorney-General’s Department

02 6141 3600


Cyber Security

The Australian Government Information Security Manual outlines a cyber security framework that your entity can apply. The Security Manual includes the Cyber Security principles and Cyber Security guidelines.

Key Tasks





Appoint a Chief Information Security Officer

It is important that each organisation appoints a Chief Information Security Officer to provide cyber security leadership.

Guidelines for Cyber Security Roles

Australian Signals Directorate – Australian Cyber Security Centre

1300 CYBER1 (1300 292 371)


Digital procurement and IT investment

The Digital Transformation Agency (DTA) has developed guidance to assist entities establish their digital footprint, key tasks include IT procurement, data management and web hosting. 

Task Contact

Digital Procurement – tools, mandatory and optional panels and frameworks for procuring technology goods and services for government.

DTA reviews, monitors and provides advice on digital investment.


Establishing and maintaining digital assets

The DTA also accelerates government digital transformation by helping agencies move more services online, deliver a better user experience to users and ensure the best use of government’s digital spend.

Guidance on implementing and using IT in Government including:

Digital Service Standard – mandated  principles for designing and delivering government services

Digital Service Platforms Strategy provides guidance for Australian Government departments and agencies who create or manage digital service platforms.


Digital Transformation Strategy

Whole-of-government Hosting Strategy

Secure Cloud Strategy


IT Infrastructure and information tools including: makes it easy to find and use data from government agencies and other organisations

Google Analytics 360 for Government

National Map provides map-based spatial data from government agencies Observatory measures how people interact with government

Media Release Service collects media releases from Australian Government websites and emails them to subscribers each day

Notify tool to send sms and emails to your client base a secure cloud-based platform for hosting website applications

The Australian Government Design System


Did you find this content useful?