The Government of South Australia has a responsibility to protect its people, information and assets from compromise or harm.

The South Australian Protective Security Framework (SAPSF) has been developed to provide all government agencies* with the policy requirements and guidance to implement and maintain effective protective security processes and procedures that identify and manage risk, promote continuous improvement to security capability and maturity, and that foster a positive security culture throughout the South Australian public sector.

The SAPSF consists of 13 Core Requirements, which are based on existing national and international standards, to assist all agencies to manage individual and collective protective security risks.

The SAPSF is a risk-based framework designed to empower agencies to identify and manage the most significant risks to South Australian Government business.

The requirements of the SAPSF have been developed to integrate with existing practices at a state, jurisdictional and Commonwealth level, including with the Commonwealth Protective Security Policy Framework (PSPF).

The SAPSF has been adopted as the protective security policy requirements for the Government of South Australia under Premier and Cabinet Circular 030 (PC030) effective 1 July 2020.

Premier and Cabinet Circular PC030 Protective Security in the Government of South Australia (PDF, 586.8 KB)

SAPSF Executive Guide (PDF, 460.4 KB)

SAPSF Overview (PDF, 155.3 KB)

The SAPSF incorporates relevant South Australian security policies, including the South Australian Cyber Security Framework, and provides tailored guidance and resources for the South Australian context.

Note: South Australian Government agencies are reminded of the changes made to information classification that were approved in November 2019. All agencies are still required to transition to the new South Australian Information Classification System (ICS) by 1 December 2020. The Information Security (INFOSEC) policies that accompanied the ICS are now incorporated into the SAPSF.

View Information security for more detail or contact us to find out more.

*The SAPSF applies to all South Australian public sector agencies (as defined in section 3(1) of the Public Sector Act 2009) and to any other person or organisation that is generally subject to the direction of a Minister of the Crown; all of which are referred to in the SAPSF as “Agencies”.