Skip to main content

The Protective Security Policy Framework (PSPF) has been developed to assist Australian Government entities to protect their people, information and assets, at home and overseas. The Directive on the Security of Government Business from the Attorney-General underpins protective security policy and aims to ensure the secure delivery of Government business.

The PSPF articulates government protective security policy. It also provides guidance to entities to support the effective implementation of the policy across the areas of security governance, personnel security, physical security and information security.

In 2018, the Attorney-General reissued the Directive on the Security of Government Business to reflect the new PSPF. The directive articulates the government's requirements for protective security to be a business enabler that supports entities to work together securely, in an environment of trust and confidence.

The directive establishes the PSPF as a policy of the Australian Government, which non-corporate Commonwealth entities are required to apply as it relates to their risk environment. The PSPF represents better practice for corporate Commonwealth entities and wholly-owned Commonwealth companies.

The PSPF is applied through a security risk management approach, with a focus on fostering a positive culture of security within the entity and across the government.