Govt not effectively mitigating insider threats


By Dylan Bushell-Embling
Monday, 14 May, 2018
google plus facebook twitter linkedin google plus


Govt not effectively mitigating insider threats

The Australian Government Security Vetting Agency (AGSVA) is not effectively mitigating the government's exposure to insider threats, a new audit has found.

An audit of the personnel security component of the government's Protective Security Policy Framework (PSPF) found that AGSVA has failed to implement the government's policy direction to share information with client entities on identified personnel security risks.

The audit, conducted by the Australian National Audit Office (ANAO), evaluated whether the AGSVA is providing effective security vetting services.

The audit also assessed the Attorney General's Department, the Digital Transformation Agency, ASIC, and the Australian Radiation Protection and Nuclear Safety Authority for compliance with the personnel security requirements of the framework, following 2014 reforms conducted in response to the previous audit.

None of the audited entities — including AGSVA — fully comply with all mandatory PSPF controls, the audit found.

Further, while AFSVA collects and analyses information regarding personnel security threats, it does not communicate this information to entities outside of its parent, the Department of Defence. The agency also does not use clearance maintenance requirements to minimise risks.

Since the prior audit, AGSVA's average timeframe for completing positive vetting clearances has increased significantly.

But the audit found that the agency has plans to implement a number of process improvements by adopting a new ICT system. The new system is expected to be fully operational in 2023.

The other audited entities also demonstrated mixed compliance with the PSPF personnel security requirements.

Some were only partially compliant with the requirement to ensure personnel have appropriate clearances, and none had fully implemented the requirements introduced in 2014 to manage the ongoing suitability of personnel.

Image credit: ©iStockphoto.com/Brian Jackson

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Related Articles

Data, collaboration key to national and border security

Home Affairs Secretary Michael Pezzullo has urged global governments to embrace collaboration and...

Queensland appoints defence expert to boost cybersecurity

Major General Stephen Day (Retired), former senior executive of the National Cyber Centre, will...

Protecting tomorrow's critical infrastructure

In a world of cyber threats, international standards and certification are the best ways to...


  • All content Copyright © 2018 Westwick-Farrow Pty Ltd