If you need to report an emergency call 000. To report information relating to national security, contact the National Security Hotline on 1800 123 400.
Under the South Australian Protective Security Framework (SAPSF), a security incident is defined as:
- An action, whether deliberate, reckless, negligent or accidental that fails to meet protective security requirements or agency practices and procedures that result, or may result, in compromise to official information or resources
- An approach, from anybody seeking unauthorised access to official information or resources
- An observable occurrence or event that can harm South Australian Government people, information or assets
Employees should report security incidents through their agency’s reporting procedure. For further information contact your Agency Security Adviser.
Additionally, the SAPSF defines a significant security incident as a deliberate, negligent or reckless action that leads, or could lead, to compromise of official information or resources.
In addition to reporting through agency reporting channels, it is a requirement under the SAPSF that significant security incidents involving South Australian public sector agencies are reported to the SAPSF team. Please use the South Australian Government - Report a significant security incident form (forms.sa.gov.au) to report an incident.
If the security incident or significant security incident involves a security clearance holder sponsored by the Department of the Premier and Cabinet, the incident must also be reported to the State Security Officer.
Particular types of incidents also have additional external reporting obligations. Please see table 6 of SAPSF policy GOVSEC1: Security governance under 'Managing Security Incidents' and speak to your Agency Security Adviser.
The list below from the SAPSF GOVSEC1: Security Governance provides examples of security incidents and significant security incidents. This list is not exhaustive. If in doubt, please speak to your Agency Security Adviser.
· Criminal actions such as actual or attempted theft, break and enter, vandalism or assault
· Loss of personal information that is likely to result in serious harm
· Security classified material not properly secured or stored
· Security classified material left in inappropriate waste bins or government assets to be sold or disposed of
· Deliberate disregard of implementing an SAPSF requirement
· Access passes or identification documents lost or left unsecured
· Incorrect handling of security or classified marked information, such as a failure to provide the required protection during transfers or transmission resulting in a data spill on an electronic information network or system
· Compromise of keys to security locks, or of combinations settings
· Sharing computer passwords
· Espionage or suspected espionage
· Actual or suspected compromise of material at any level, including tampering with security containers or systems
· Loss, compromise, suspected compromise, theft or attempted theft of classified equipment
· Actual or attempted unauthorised access to an alarm system covering a secured area where security classified information is stored
· Loss of material classified PROTECTED or above, or significant quantities of material of a lower classification
· Recovery of previously unreported missing classified material or equipment
· Unauthorised disclosure of official or classified information, significant loss or compromise of cryptographic keying material, or a significant breach of ICT systems
· Continuous breaches involving the same person or work area where the combination of the events warrants an investigation
· Loss, theft, attempted theft, recovery or suspicious incidents involving weapons, ammunitions, explosives or hazardous materials including chemical, biological, radioactive or nuclear
· Actual or suspected hacking into any ICT system
