Govt not effectively mitigating insider threats


By Dylan Bushell-Embling
Monday, 14 May, 2018


Govt not effectively mitigating insider threats

The Australian Government Security Vetting Agency (AGSVA) is not effectively mitigating the government's exposure to insider threats, a new audit has found.

An audit of the personnel security component of the government's Protective Security Policy Framework (PSPF) found that AGSVA has failed to implement the government's policy direction to share information with client entities on identified personnel security risks.

The audit, conducted by the Australian National Audit Office (ANAO), evaluated whether the AGSVA is providing effective security vetting services.

The audit also assessed the Attorney General's Department, the Digital Transformation Agency, ASIC, and the Australian Radiation Protection and Nuclear Safety Authority for compliance with the personnel security requirements of the framework, following 2014 reforms conducted in response to the previous audit.

None of the audited entities — including AGSVA — fully comply with all mandatory PSPF controls, the audit found.

Further, while AFSVA collects and analyses information regarding personnel security threats, it does not communicate this information to entities outside of its parent, the Department of Defence. The agency also does not use clearance maintenance requirements to minimise risks.

Since the prior audit, AGSVA's average timeframe for completing positive vetting clearances has increased significantly.

But the audit found that the agency has plans to implement a number of process improvements by adopting a new ICT system. The new system is expected to be fully operational in 2023.

The other audited entities also demonstrated mixed compliance with the PSPF personnel security requirements.

Some were only partially compliant with the requirement to ensure personnel have appropriate clearances, and none had fully implemented the requirements introduced in 2014 to manage the ongoing suitability of personnel.

Image credit: ©iStockphoto.com/Brian Jackson

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Related Articles

Building secure AI: a critical guardrail for Australian policymakers

While AI has the potential to significantly enhance Australia's national security, economic...

Building security‍-‍centric AI: why it is key to the government's AI ambitions

As government agencies test the waters of AI, public sector leaders must consider how they can...

State government agencies still struggling with securing user access

Audit reports have shown that Australian government agencies in four states experience challenges...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd