Purpose

This policy forms part of the South Australian Protective Security Framework (SAPSF). It ensures all South Australian Government agencies protect their information assets from compromise. It outlines the South Australian Information Classification System (ICS) and associated guidance which all agencies must use to protect the confidentiality, integrity and availability of all official information. The requirements of this policy are designed to mitigate against both intentional and accidental threats and reduce the impact on government business.

Information security policy: Protecting your agency’s information (PDF, 477.0 KB)

Core requirement

Protect your agency’s information against compromise.

Information compromise includes, but is not limited to: loss, misuse, interference, unauthorised access, unauthorised modification, and unauthorised disclosure.

Supporting requirements

To protect your agency’s information against compromise, you must:

  1. determine the appropriate classification and any protections that apply to official information
  2. set the classification at the lowest reasonable level to protect against compromise to the confidentiality, integrity or availability of all official information
  3. ensure all sensitive and security classified information (including emails) are marked with the correct protective markings
  4. ensure all information is handled according to the classification and protective markings assigned to that information
  5. seek permission from the information originator to make changes to the classification or protective markings
  6. ensure processes for transferring or transmitting sensitive and security classified information deter and detect compromise
  7. ensure sensitive and security classified information is stored securely in an appropriate security container for the approved security zone
  8. ensure sensitive and security classified information is disposed of securely
  9. be responsible for caveated and accountable material.

Guidance

Protecting your agency’s information (PDF, 477.0 KB)

Additional resources

Classification Assessment Tool (PDF, 163.4 KB)

Business Impact Level Tool  (PDF, 202.9 KB)

Historical classifications and sensitivity markings in South Australia  (PDF, 156.1 KB)

Mapping classifications (PDF, 36.8 KB)

Minimum handling protections for disposal of sensitive and security classified information (PDF, 130.0 KB)

Minimum requirements for information transmission and transfer  (PDF, 148.2 KB)

Minimum use and storage requirements for sensitive and security classified information  (PDF, 140.4 KB)

Alignment of classifications to BIL, protective marking and access requirements (PDF, 142.5 KB)