You are here: Skip breadcrumbAttorney-General's Department >> Publications >> Annual reports >> Annual report 2008-09 >> Annual Report 2008-09 Output 2.5

 Annual Report 2008-09 Output 2.5

 next page previous page

Protective security and national security crises coordination


The Department delivered a range of security-related programs and services in achieving Output 2.5. We provided policy advice and whole-of-government coordination to prevent, or respond to, threats to Australia’s national security. The Department also provided protective security training and personnel security vetting services. The Department coordinated maintenance and development of Australia’s national security capability, dignitary protection and the Australian Government’s protective security involvement in high-level events. Close working relationships were maintained with all Australian Government departments and agencies, federal, State and Territory police services, Premiers’ departments and agencies to accomplish these functions.

In 2008–09, an organisational restructure combined the operational components of the Protective Security Coordination Centre and EMA. The Attorney General’s Department Coordination Centre (AGDCC), the EMA Incident Management Facility and the National Security Hotline were incorporated into the EMA Crisis Coordination Branch to maintain situational awareness and provide whole-of-government coordination during times of crisis. This integration is still being implemented; systems and procedures are being rationalised to provide improved service to support Australian Government crisis arrangements.

The Australian Security Vetting Service (ASVS) continued to expand its client base for personnel security vetting, to streamline processes and to seek out and act on client feedback.

Major achievements

Changes to coordination arrangements

An important achievement in 2008–09 was integration of the former Protective Security Coordination Centre and the former EMA into one new organisation; and development of an integrated whole-of-government approach to coordination within an all-hazards environment.

The Incident Management Facility and the Attorney General’s Department Coordination Centre were combined within EMA’s Crisis Coordination Branch to provide improved integration and coordination in an all-hazards context. Operationally, 2008–09 was an extremely busy year as national crisis arrangements were activated almost continuously since November 2008.

The Department extended its ability to manage a major influx of calls to the National Security Hotline by developing bilateral arrangements with Centrelink and the Australian Taxation Office. These agencies have been provided with the technology and staff trained to support the National Security Hotline during times of surge. These bilateral arrangements are exercised and reviewed monthly to ensure full functionality.

Procedural and training reform was implemented to meet the Government’s agenda of a whole-of-government coordination centre within an all-hazards environment. Introduction of emergency management and national security specialists into the AGDCC has complemented the all-hazards approach and its effectiveness was evidenced by the integrated approach to the Mumbai (India) attacks during late 2008.

Protective security coordination

The Department coordinated protective security arrangements for the Prime Minister’s international program. In addition to a range of international travel for bilateral meetings, the program included his attendance at a number of significant meetings of world and regional leaders, such as the APEC Leaders’ Meeting in Peru, the Pacific Islands Forum in Niue, the ASEAN Summit in Thailand and the G20 meeting in the United Kingdom.

The Department worked closely with a range of Australian Government and State and Territory agencies and representatives of foreign governments to coordinate security arrangements for significant dignitaries’ visits to Australia, including the Prime Minister of Vietnam, the President of Malta, the Princess Royal, and the King and Queen of Spain. Protective security arrangements were also arranged, on behalf of the Australian Government, for a number of special events, including the Federal Community Cabinet meetings and Anzac Day services at Gallipoli, Turkey.

Protective security risk reviews and physical security infrastructure upgrades were completed at The Lodge, Government House and six Commonwealth Parliamentary Offices.

Work continued on exercising and developing the Continuity of Government plan. This year, a three-phase exercise program was undertaken to rehearse and review the plan.

Managing the consequences of disasters and emergencies

The Department established the Crisis Coordination Branch comprising the National Security Hotline, the AGDCC, and the Incident Management Facility. The Department, though the Crisis Coordination Branch, is responsible to the Attorney-General for maintaining situational awareness across Australia’s sphere of influence and improving coordination during times of crisis. The Department also has responsibility for activating Australian Government crisis coordination and assistance arrangements post impact. Crisis coordination is achieved across the whole-of-government and within an all-hazards environment.

When the total resources (government, community and commercial) of an affected State or Territory cannot reasonably cope with the needs of the situation, the State or Territory Government can seek assistance from the Australian Government through the Crisis Coordination Branch.

Requests received for Australian Government assistance are actioned under the auspices of the relevant national plan. Further, the Department administers financial assistance to communities and businesses following a disaster (see Output 3.2) through the National Disaster Relief and Recovery arrangements.

National counter-terrorism alert system

The Department made a major contribution to development of a flexible national counter-terrorism alert system, which was agreed by the National Counter-Terrorism Committee (NCTC) and all First Ministers. The Attorney-General, the Hon Robert McClelland, announced the new system on 30 September 2008; it was practiced during the multijurisdictional counter-terrorism exercise Mercury 08. The revised system, which communicates an assessed risk of terrorism to the Australian public, allows for application of alert levels to Australia as a whole as well as to specific jurisdictions, industry, business sector or geographic location.

Mercury 08

The Department successfully coordinated the NCTC multijurisdictional exercise Mercury 08. This exercise tested national and jurisdictional counter-terrorism arrangements with a focus on consequence management and critical infrastructure. All levels of government were tested and both the National Security Committee and National Crisis Committee were activated for the exercise. Mercury 08 was the largest counter-terrorism exercise to be conducted in Australia since 2005. The Department also successfully coordinated the NCTC exercise program and Australia’s involvement in a number of regional and international counter-terrorism exercises.

Supporting the National Counter-Terrorism Committee

The Department supported the NCTC, coordinated its training, exercises, development and equipment procurement programs, and managed the NCTC Administered Fund. The Department also provided secretariat support to a number of NCTC subcommittees and working groups.

The Department refined and coordinated the second annual cycle of the NCTC’s continuous improvement process: the NCTC Capability Review and Development Process. Key outcomes of this second cycle included a revised and enhanced approach to developing and conducting exercises; and development of the new NCTC Investigations Support Capability Subcommittee that includes three new capabilities—investigations, surveillance and forensics.

Incident Management Facility and Attorney General’s Department Coordination Centre

During 2008–09, the AGDCC and the Incident Management Facility were activated for numerous events, as outlined in Output 2.4.

In particular, the Victorian bushfires in February 2009 was one of the most significant activations in recent years. The Department coordinated the Australian Government response, including tasking the Australian Defence Forces to assist with the response, coordinating briefings for senior government officials, and liaising with Victorian authorities on behalf of the Australian Government. Throughout this activation the Department coordinated 20 requests for Australian Government assistance, received and processed 45 offers of international assistance and 19 offers of domestic assistance.

During this reporting period the Incident Management Facility was also maintaining whole-of-government situational awareness for H1N1 influenza and providing assistance to the Queensland floods and the New South Wales bushfires and floods.

The National Security Hotline

The National Security Hotline provides a single point for collecting and collating information about national security issues from the public. This is a fundamental requirement for effective sharing of information and intelligence between agencies and jurisdictions.

The National Security Hotline plays an important role in collection of intelligence on behalf of relevant State and Territory Police Terrorism Intelligence Units—both from a prevention perspective as well as in the response and recovery phase of a terrorist attack. Calls to the National Security Hotline provide relevant agencies with insight into the community that cannot always be achieved through traditional law enforcement practices.

The relevant Australian Government intelligence agencies, and State and Territory Terrorism Intelligence Units assess and prioritise information from the National Security Hotline to determine its relevance to current counter-terrorism investigations and the general threat landscape for Australia.

Figure 5: Number and type of calls to the National Security Hotline, 2008–09

Figure 5: Number and type of calls to the National Security Hotline, 2008–09 

National security trials

The Department continued to support three jurisdictions in the conduct of criminal trials where national security information had been presented as evidence. We coordinated delivery of security equipment and secure information and communications technology to each jurisdiction and ensured timely and accurate dissemination of security training and briefings.

Australian Security Vetting Service

In April 2009, as part of the Department’s restructure, the Australian Security Vetting Service (ASVS) was incorporated into the AusCheck Branch and therefore forms part of the new National Security Law and Policy Division. While the ASVS and AusCheck Background Checking Service remain separate business lines with separate cost recovery arrangements, they now share streamlined management and support.

The Australian Security Vetting Service role in vetting for the Commonwealth, States and Territories continued to expand. The service accepted more than 30 new clients during 2008–09, and undertook major new work for government agencies, including the Department of Education, Employment and Workplace Relations, and Victoria Police.

A range of measures, including establishing a dedicated information review team to streamline information gathering, and more closely governing sub-contractors, has resulted in a continuing reduction in the average vetting completion time.

During the year, establishment of formal client service agreements with all clients was finalised, and was supplemented by a series of meetings to seek client feedback. Overall feedback has been positive, with action taken to address concerns, such as issues with some sub-contractors.

Evaluations and reviews

Post activation workshops

The Crisis Coordination Branch uses consultative forums and post activation workshops as the main way to evaluate service delivery. These forums and workshops are conducted biannually and are supported by post activation reviews to provide a basis for continuous improvement.

The AGDCC uses post activation reviews to provide a basis for continual improvement of operational procedures within the Centre.

For example, post activation reviews were conducted for the national counter-terrorism exercise, Mercury 08, and the Mumbai 2008 attacks, both of which recommended changes to procedures within the centre.

The AGDCC also conducts biannual consultative forums with stakeholders such as the Australian Security Intelligence Organisation, the Australian Federal Police, and State and Territory police services to provide evaluation and advice on service improvement.

The Department’s Counter-Terrorism Capability Development Branch coordinated development and adoption of the NCTC Evaluation Findings Resolution Process. This process ensures that the NCTC and the broader counter-terrorism community systematically consider and address significant lessons learned from real world events in Australia and overseas.


Significant goals for next year include preparing for commissioning of the national crisis coordination capability. This improved capability will provide a centralised coordination and information sharing facility to enhance whole-of-government decision making during crises. The changes to national crisis coordination during 2009–10 will represent the most significant advances in national crisis coordination over the last decade.

The Crisis Coordination Branch will upgrade technology and systems, review and amend procedures, and respond to the changing crisis management arrangements for the Australian Government. We will run a comprehensive training and development program to ensure staff are able to meet the demands arising from improved national crisis coordination and response.

The Department will also further refine existing protective security coordination mechanisms through:

  • further developing and formalising risk management frameworks to inform our decisions about risk mitigation strategies
  • incorporating new technologies, such as Geographic Information Systems, to enhance our capacity to quickly locate at-risk High Office Holders in an emergency, and
  • further developing and refining the Continuity of Government Plan.

The Department will conduct a review of the Government’s protective security framework to better support and secure the conduct of government business.

The Department will also be focusing on increasing its attentiveness to providing a user-friendly service to people being security vetted, including through enhanced online information and a dedicated number for questions and feedback. We will also continue to streamline processes and shorten vetting timeframes.

The Department will coordinate:

  • implementation of an all-hazards approach to developing national security capability
  • implementation of a secure web portal to support NCTC capability development
  • development of the NCTC counter-terrorism capabilities to ensure Australia’s counter-terrorism capability keeps ahead of the evolving terrorist threat
  • a variety of counter-terrorism, emergency management and national security exercises across the country, as well as Australia’s involvement in both regional and international security exercises
  • a program of multijurisdictional activities and exercises in preparation for Mercury 10, a multijurisdictional counter-terrorism exercise involving all levels of government and the private sector whose main deployment will occur in early 2010–11
  • finalisation of a major review of the NCTC National Counter-Terrorism Handbook to ensure it continues to provide Australian, State and Territory Government officials with the most accurate and up-to-date information on key operational elements of the national counter-terrorism arrangements, and
  • the third cycle of the NCTC Capability Review and Development Process in 2009–10.

Performance indicators

Table 18: Performance indicators, Output 2.5—Protective security and national security crisis coordination

Key performance indicators

2008–09 target


Attorney-General’s Department Coordination Centre maintained as a dedicated 24/7 national security and emergency management coordination facility providing whole-of-government situational awareness and crisis coordination

Readiness maintained above the 95% level (operating 24/7) and stakeholder service satisfaction rating of 90% or higher as measured by half-yearly surveys and stakeholder forums


This is supported through stakeholder forums conducted biannually with Australian Federal Police, the Australian Security Intelligence Organisation, State and Territory police services, and emergency management agencies. Post activation reviews support stakeholder input.

Efficient and effective coordination of protective security services for Australian Holders of High Office, visiting foreign dignitaries, and the diplomatic and consular community

Stakeholder satisfaction rating of 90% or higher as measured by annual surveys


Formal survey processes were not conducted during 2008–09 because of the variety of services and clients. Instead a regime of consistent and regular communications and regular feedback about individual protective security arrangements indicates a high level of stakeholder satisfaction.

Support the National Counter-Terrorism Committee by:

  • developing, managing and coordinating the committee’s capability development program of activities
  • developing and coordinating the National Counter-Terrorism Exercise Program
  • managing and supporting relevant subcommittees and working groups
  • maintaining the National Counter-Terrorism Plan and Handbook

These activities will be measured as follows:

  • the National Counter-Terrorism Committee program of activities is approved by the committee each year
  • the National Counter-Terrorism Exercise Program is implemented
  • relevant subcommittees and working groups are convened effectively
  • the National Counter-Terrorism Plan and Handbook is reviewed regularly to ensure currency and relevance.


The 2008–09 NCTC program of activities was achieved and the 2009–10 program of activities agreed.

NCTC exercise program implemented.

All NCTC subcommittees and working groups supported effectively.

A fundamental review of the National Counter-Terrorism Handbook commenced in 2008–09.

Provide nationally recognised protective security vocational training consistent with Australian Government policy Number of training events delivered in 2008–09. 2007–08 2008–09
82 82

The Protective Security Training Centre continues to facilitate delivery of high-quality protective security training. While the number of training events remained static, this reporting period saw an increase in the number of participants attending training events.

Compliance with the standards for registered training organisations


The Protective Security Training Centre continues to comply with Australian Quality Training Framework requirements as a registered training organisation. The Training Centre reported on Australian Quality Training Framework Quality Indicator—Competency Completion—for 2008–09.

Provide security vetting services

Number of security assessments completed in 2008–09.

The Australian Security Vetting Service completed 4,942 assessments.

There was an overall 11% increase in the number of assessments completed this financial year.

Reduction in cases referred to quality assessment

Partially achieved

Although the numbers of cases referred to quality assessment has remained steady, the ASVS has achieved a 30% improvement in the overall completion times for cases with a corresponding decrease in the time cases spend in remediation.

Manage the protective security function for the Department

The Department’s protective security environment complies with Australian Government policy


The Departmental Security Unit has achieved a high level of compliance through applying appropriate risk managed protective security measures in accordance with the policy, practices and procedures detailed in the Department’s Agency Security Plan and the Australian Government Protective Security Manual.

Provide and support a relevant and consistent protective security environment across government

Advice is developed, updated and efficiently provided to stakeholders within agreed timeframes


Through the updated Protective Security Policy website, advice is updated and stakeholders advised.

Administered items


National Counter-Terrorism Committee—special fund and operating expenses

Expenditure approved by NCTC and managed in accordance with NCTC financial guidelines and the Department’s Chief Executive Instructions to within 94% of allocated budget.

Expenditure in accordance with government decisions and as approved by the NCTC.

The NCTC administered fund provides funding to the NCTC program to develop and maintain a nationwide counter-terrorism network through provision of a basic viable capability in each State and Territory commensurate with the general level of threat to Australia. The NCTC administered fund provides for:

  • meetings of the NCTC, its subcommittees and working groups
  • national policy and operational seminars, forums and workshops
  • development of documentation to support the NCTC and the nationwide counter-terrorism capability
  • a program of training, development and counter-terrorism exercises
  • the Australian Secure Network (ASNET) to facilitate transmission of information between approved Australian Government, State and Territory departments and agencies involved in counter-terrorism, and
  • purchase of specialist counter-terrorism equipment for State and Territory police.
Training courses and counter-terrorism exercises were successfully conducted across all Australian States and Territories under the NCTC Capability Development program. These activities strengthened Australia’s counter-terrorism capability by involving relevant Australian, State and Territory Government departments and agencies with responsibility for preparedness, prevention, response and recovery.

The 2008–09 NCTC budget was $15.675 million. The activities funded included exercises, training courses and equipment procurement. $4.899 million was allocated for ongoing operation and communication upgrade of ASNET to enhance transmission of secure information among relevant agencies.

Budget price: $16.424 million

Actual price: $15.614 million

National security public information campaign


Communications activities evaluated against agreed objective. $3 million returned to consolidated revenue.

Budget price: $5.550 million

Actual price: $5.345 million

Our people

Taking the lead in E-Security Review

Maryanne Draney and Marcella Hawkes, E-Security Branch, National Security Resilience Policy Division

Maryanne Draney and Marcella Hawkes,
E-Security Branch, National Security
Resilience Policy Division

A better understanding of the e-security environment

The comprehensive whole-of-government 2008 E-Security Review, brought together a wide range of views from across government to deliver a truly holistic approach to e-security. It was led by the Attorney-General’s Department, in collaboration with the Defence Signals Directorate; the Department of Broadband, Communications and the Digital Economy; the Australian Government Information Management Office; the Australian Communications and Media Authority; the Australian Federal Police; and the Australian Security Intelligence Organisation.

For Assistant Director, E-Security Policy, Maryanne Draney, the review presented some unique challenges.

‘Each person in the multi-agency team needed to balance their own department’s position with the need to maintain a level of independence. But the review enabled us to develop excellent relationships across government and to gain a better understanding of the e-security environment,’ she said.

A key deliverable of the review is the creation of a national computer emergency response team (CERT) within government that will be the primary contact for dealing with Internet security threats. The new national CERT will consolidate expertise from across government to communicate information to business and the community.

Marcella Hawkes, Director of the E-Security Review Team said the review provided the opportunity to examine a range of government projects and to ask the tough questions.

‘The review challenged my preconceptions and understanding of the role of the Australian Government. My greatest highlight has been being part of a team with some of the smartest, most interesting and creative people I’ve ever worked with,’ she said.

The review has recommended some fundamental changes to the way the Government organises and presents itself to business and the community. E-security is a constantly changing environment so another review is scheduled for late next year to ensure everything is still on track.

 next pageprevious page