The South Australian Cyber Security Framework (SACSF) ensures cyber security is well managed in each South Australian Government agency. The SACSF also provides flexibility in the way agencies address the policies within it. Agencies may still need to refer to the previous version of the SACSF for transition and attestation purposes.
The SACSF applies to South Australian public sector agencies as defined by the Public Sector Act 2009. The SACSF consists of 18 policy statements underpinning the four principles of: Governance, Information Security, Personnel Security, and Physical Security. Agencies must address each policy statement during implementation. Requirements are tiered across four levels , with each level adding more stringent controls commensurate with the risk exposure. The SACSF policies and requirements can be accessed using the tiles below: