Purpose

This policy ensures all South Australian Government agencies protect their information assets from compromise. It outlines the South Australian Information Classification System (ICS) and associated guidance which all agencies must use to protect the confidentiality, integrity and availability of all official information. The requirements of this policy are designed to mitigate against both intentional and accidental threats and reduce the impact on government business.

Core requirement

Protect official information against compromise*.

*Information compromise includes, but is not limited to: loss, misuse, interference, unauthorised access, unauthorised modification, and unauthorised disclosure.

Supporting requirements

To protect official information against compromise, agencies must:

  1. determine the appropriate classification and any protections that apply to official information
  2. set the classification at the lowest reasonable level to protect against compromise to the confidentiality, integrity or availability of all official information
  3. ensure all sensitive and security classified information (including emails) are marked with the correct protective markings
  4. apply the South Australian Recordkeeping Metadata Standard to ensure metadata reflects any protective markings
  5. ensure all information is handled according to the classification and protective markings assigned to that information
  6. seek permission from the information originator to make changes to the classification or protective markings
  7. ensure processes for transferring or transmitting sensitive and security classified information deter and detect compromise
  8. ensure sensitive and security classified information is stored securely in an appropriate security container for the approved security zone
  9. ensure sensitive and security classified information is disposed of securely
  10. be responsible for caveated and accountable material.

INFOSEC1 Guidance (PDF, 1.6 MB)

Additional resources

Classification Assessment Tool (PDF, 159.7 KB)

Business Impact Level Tool  (PDF, 720.6 KB)

Historical classifications and sensitivity markings in South Australia  (PDF, 741.1 KB)

Mapping classifications (PDF, 229.1 KB)

Minimum handling protections for disposal of sensitive and security classified information (PDF, 541.3 KB)

Minimum requirements for information transmission and transfer  (PDF, 590.2 KB)

Minimum use and storage requirements for sensitive and security classified information  (PDF, 572.7 KB)

Alignment of classifications to BIL, protective marking and access requirements (PDF, 639.7 KB)

Minimum protections and handling requirements for TOP SECRET information (PDF, 514.6 KB)

Minimum protections and handling requirements for SECRET information (PDF, 519.4 KB)

Minimum protections and handling requirements for PROTECTED information (PDF, 521.0 KB)

Minimum protections and handling requirements for OFFICIAL: Sensitive information (PDF, 503.7 KB)

Minimum protections and handling requirements for OFFICIAL information (PDF, 448.9 KB)