Detailed Outline
The NSW Government has a duty to safeguard its large information holdings. The use of information and information systems is an integral, and increasingly mission critical, part of all NSW Government activities. Information is an asset that must be protected to ensure its necessary confidentiality, integrity and availability. In recognition of this, Cabinet has directed that all agencies are to undertake measures to protect electronic information.
The measures are:
- all agencies are to develop and implement policies and plans for information security management by 2002;
- all agencies are to assign responsibility for IT security to a nominated officer;
- all agencies are to ensure that all staff, including contractors and consultants, understand their responsibilities for information security;
- the Department of Information Technology and Management will establish a program for external penetration testing of agencies' IT systems; and
- agencies are to have their IT systems certified to the national standard AS/NZS 4444 information security management when accredited certifiers become available.
The Department of Information Technology and Management (Office of Information Technology) published revised Information Management and Technology (IM&T) Guidelines for electronic security in early 2001. The Guidelines are aligned with AS/NZS 17799 and 4444 and are available from the Office of Information Technology's website at www.oit.nsw.gov.au.
The Department of Information Technology and Management is establishing on-line reporting arrangements for agencies' progress in implementing security management measures. Details will be issued in due course, but reporting will be quarterly until the end of 2002, then annually until 2004.
It should be noted that the Department of Public Works and Services currently operates a period panel contract (ITS 2037) for IT Security Consulting Services. This contract is being replaced by a new contract (ITS 2319) that includes IT security consulting services, and security products and related services.
Please contact Nigel Evans at the Office of Information Technology for further information on 9236 7718 or [email protected]
C. Gellatly
Director-General
___________________________________________
Superseded by M2007-04
Overview
Compliance
- Not Mandatory
AR Details
- Date Issued
- Jun 13, 2014
- Review Date
- Jun 13, 2024
- Replaces
-
- Replaced By
-
Contacts
- Contact
- Contact us
- Phone
- 02 9228 5555
- Publishing Entity
- Department of Premier and Cabinet
- Issuing Entity
- Department of Premier and Cabinet