The information domain includes the processes and systems for the handling of organisational information to ensure the confidentiality, integrity and availability throughout its lifecycle.
Desired outcome
Each South Australian Government agency is responsible for maintaining the confidentiality, integrity and availability of all official information.
To support agencies to achieve this outcome, the South Australian Protective Security Framework (SAPSF) includes three Information Security (INFOSEC) policies, each comprised of one core requirement and varying number of supporting requirements.
Information Security Policies
| Policy webpage | Download |
|---|---|
INFOSEC 1: Protecting official information Protect official information against compromise | |
INFOSEC 2: Accessing official information Ensure official information is available to those who need it | |
INFOSEC 3: Robust ICT and cyber security Safeguard ICT systems from compromise to ensure confidentiality, integrity and availability of official information is maintained |
South Australian Classification System
The South Australian Information Classification System (ICS) commenced on 1 December 2019. It is the information classification system all South Australian public sector agencies must use when assessing the confidentiality, integrity and availability of their information assets to ensure appropriate classification, protective markings and handling requirements are assigned.
The ICS replaces the classifications previously outlined in the Information Security Management Framework (ISMF).
The ICS is based upon the Commonwealth Government’s sensitive and classified information requirements under the Protective Security Policy Framework (PSPF) (external site) (external site) (external site) (external site) with some modifications to suit the South Australian context.
South Australian Information Classification System overview (PDF, 226.7 KB) (PDF) (PDF) (PDF) (PDF)