What is protective security?

In the modern threat environment, it is essential that organisations implement systems to protect their people, information and assets from compromise or harm. Protective security refers to the policies, procedures and practices that seek to achieve this.

Protective security is designed to protect against a broad range of external and internal threats including compromise of information, unlawful access to premises, compromise of systems or employees and physical protection measures.

Protective security practices are commonly implemented across the four security domains of governance, information, personnel, and physical security.

The South Australian Protective Security Framework (SAPSF) and the South Australian Cyber Security Framework (SACSF) provide the protective security policy and guidance for South Australian Public Sector agencies.

The South Australian Protective Security Framework (SAPSF)

The SAPSF was established under Premier and Cabinet Circular 030 (PC030) in 2020 to provide South Australian Public Sector agencies with the policy requirements and guidance to implement and maintain effective protective security processes and procedures.

The SAPSF is a risk-based framework designed to empower agencies to identify and manage the most significant risks to South Australian Government business. The framework aims to promote continuous improvement to security capability and maturity, and foster a positive security culture throughout the South Australian Public Sector.

The requirements of the SAPSF were developed to integrate with existing practices at a state, jurisdictional and Commonwealth level, including with the Commonwealth Protective Security Policy Framework (PSPF).

The SAPSF consists of thirteen policies across the four protective security domains. Each of the policies consists of one core (mandatory) requirement and a varying number of supporting requirements and is accompanied by guidance to assist agencies in their implementation. The guidance draws upon both national and international standards for protective security, while incorporating relevant legislation, policy and risk-profiles from across South Australia.

The SAPSF Executive Guide and the SAPSF Overview set out the structure of the framework and list the core and supporting requirements of the SAPSF in full. The complete guidance for each of the thirteen policies  can be accessed through the security domain tiles below, as well as additional resources and a glossary of terms.