Information security attestation
The department is committed to protecting the security of all information that is provided to or generated by the department.
To meet this commitment, the department has implemented an Information Security Management System (ISMS). The ISMS takes a systematic and repeatable risk-based approach to managing information. This ensures steps are taken to minimise any risks outside of the department's established risk appetite.
The department manages the following information security risks across all its information:
- Risk to Confidentiality
- Risk to Integrity
- Risk to Availability.
The Director-General has attested to the management of the department's information security in the Letter of Attestation 2021-22 (PDF, 1.2MB).