The South Australian Cyber Security Framework (SACSF) is a whole of government approach to ensure cyber security is adequately managed in each South Australian Government agency. The SACSF also provides flexibility in the way each agency addresses the policies within it.
The SACSF applies to South Australian Government public sector agencies (agencies), including administrative units, bodies corporate, statutory authorities, and instruments of the Crown as per the Public Sector Act 2009. It also applies to suppliers to the South Australian Government and non-government personnel that provide services to government agencies.
The SACSF has a range of supporting guidance and templates to assist South Australian Government agencies with certain elements of the framework.
Guidelines
The individual requirements of agencies will determine how each guideline is used and what actions are needed to manage risks.
- SACSF G1.0 executive guide (PDF, 241.1 KB)
- SACSF G2.0 Guideline - Suppliers using the SACSF (PDF, 227.6 KB)
- SACSF G3.0 Guideline - Engaging suppliers and cloud security (PDF, 357.4 KB)
- SACSF G4.0 Guideline - Cyber security incident reporting (PDF, 334.6 KB)
- SACSF G5.0 Guideline - ITSA role and responsibilities (PDF, 286.3 KB)
- SACSF G6.0 Guideline - Integrity and Availability Classification (PDF, 265.9 KB)
- SACSF G7.0 Guideline - Remote and home-based teleworking (PDF, 279.3 KB)
- SACSF G8.0 Guideline - Security risk management (PDF, 282.5 KB)
- SACSF G9.0 Guideline - Essential Eight: Reporting and use in SA Government (PDF, 232.3 KB)
- SACSF G10.0 Guideline - Password Management (PDF, 291.3 KB)
- SACSF G11.0 Guideline - Vulnerability management and patching (PDF, 292.3 KB)
- SACSF G12.0 Guideline - Vulnerability Disclosure Program Implementation (PDF, 270.8 KB)
- SACSF G13.0 Guideline - Cyber security when travelling overseas (PDF, 381.9 KB)
- SACSF G14.0 Guideline - Employees based offshore (PDF, 210.7 KB)
- SACSF G16.0 Guideline - Privileged Access Management (PDF, 314.5 KB)
- SACSF G17.0 Guideline - Internet of Things Security (PDF, 297.4 KB)
Standards and Rulings
SACSF standards and rulings are specific applications of security policy that must be adhered to by all agencies.
- SACSF S4.16 Secure Web Services Standard (PDF, 377.5 KB)
- SACSF R2.0 Storage and Processing of Information in Outsourced or Offshore ICT Arrangements (PDF, 184.3 KB) (under review)
- SACSF Ruling 3 - Tik Tok Use on Government Devices (PDF, 230.9 KB)
Implementation Toolkit
The SACSF Implementation Toolkit resources can be used to manage implementation and includes all of the SACSF controls, as well as mapping to national and international cyber security standards.