This section has information and tools to help your organisation set up effective organisational governance of protective security to protect your people, information, and assets.
Managing security risks proportionately and effectively enables organisations to protect people, information and assets. To successfully manage security risks organisations must ensure security is part of their organisational culture, practices and operational plans
The core governance requirements that mandated government agencies must follow and other organisations should consider as best practice.
Understand how to develop policies, plans and processes for protective security, using a consistent, structured approach.
Guidelines for planning and assigning responsibilities for protective security.
Assign Business Impact Levels (BILs) to your organisation’s security risks as part of your risk assessment process. BILs are used to consistently assess the likely impacts of security breaches.
Use this guidance to help you develop the alert levels your organisation needs to move to heightened security in case of emergency or increased threat.
Build security awareness with everyone in your organisation, so they’re aware of your security risks and follow your security processes
Understand how to report, manage, and investigate security incidents using a consistent, structured approach
Enhance your organisation’s resilience and strengthen your security measures with a business continuity management programme.
Protect your organisation’s information and assets. Identify and manage risks that arise from working with external suppliers.
Adopt a consistent and structured approach to protecting your people, information, and assets when people are working away from the office.