IT Security

Please note: Publications marked * are available in hard copy by contacting the Attorney-General’s Department Critical Infrastructure Protection Branch.

E-Security National Agenda

Follow the link to download a copy of the E-Security National Agenda (ESNA) Public Policy Statement.

• ESNA Public Policy Statement [PDF 148KB]*

Governance

The IT Security Expert Advisory Group has developed new papers to assist business executives in implementing sound enterprise-wide IT security governance.

The IT Security Governance report examines the drivers, risks and threats to IT security and provides a security governance framework for enterprises to follow in developing or enhancing their own IT governance. The report’s advice papers for CEOs and CIOs summarise industry sound-practice and provide practical tips and case studies.

• CIO, CSIO and Practitioner Guidance: IT Security Governance [PDF 287KB]
• IT Security Governance for Boards of Directors and CEOs [PDF 65KB]
• Leading Practices and Governance for IT Security Governance [PDF 276KB]

Denial of Service

• Denial of Service/Distributed Denial of Service Report [PDF 2.30MB]
• Denial of Service/Distributed Denial of Service: Advice for CEOs [PDF 401KB]
• Denial of Service/Distributed Denial of Service: Advice for CIOs [PDF 484KB]

GPS

• GPS An Overview for CEOs [PDF 162KB]
• GPS Vulnerability: Information for CIOs [PDF 102KB]

Gov.CERT.au

• GovCERT - Fact Sheet [PDF 107KB] *

Outsourcing

This report provides resources and checklists to help critical infrastructure owners and operators when they are negotiating a new, or renegotiating an existing, outsourcing contract for their IT arrangements. It identifies IT outsourcing security ‘pitfalls’ and provides some common sense mitigation strategies.

• Managing IT Security When Outsourcing to an IT Service Provider
  Guide for Owners and Operators of Critical Infrastructure:
  Summary Report for CEOs and Boards of Directors [PDF 55KB]
• Managing IT Security When Outsourcing to an IT Service Provider
  Guide for Owners and Operators of Critical Infrastructure:
  Full Report [PDF 55KB]

Secure Your Information: Secure Your Business

This report develops a set of information security principles to help organisations protect and secure their information and achieve regulatory compliance. It is complemented by two advisory papers which provide practical advice for senior managers and information security practitioners.

• Secure Your Information -Security your Business:
  Advice for CEOs and Boards of Directors [PDF 351KB]
• Secure Your Information - Information Security Principles
  for Enterprise Architecture: Advice for CIOs and CSOs [PDF 555KB]
• Secure Your Information - Information Security Principles
  for Enterprise Architecture: Report [PDF 1.9MB]

Voice over internet protocol

• Security of Voice Over Internet Protocol – Advice for CEOs [PDF 149KB]
• Security of Voice Over Internet Protocol – Advice for CIOs [PDF 177KB]

Wireless security

• Wireless Security – Overview for CEOs [PDF 193KB]
• Wireless Security – Information for CIOs [PDF 284KB]