Protective Security Directions under the PSPF

The PSPF provides that, having considered advice from lead protective security entities, the Secretary of the Department of Home Affairs may issue a direction to accountable authorities to manage a protective security risk to the Commonwealth. The accountable authority of each entity must adhere to any direction issued. Refer to PSPF policy 1: Role of accountable authority

Directions

Download: Direction 001-2024 on Managing Foreign Ownership, Control or Influence Risks in Technology Assets [PDF]

Publication date: 8 July 2024

PSPF Direction 001-2024 requires Australian Government entities to identify indicators of Foreign Ownership, Control or Influence risk as they relate to procurement and maintenance of technology assets and appropriately manage and report those risks.

Download: Direction 002-2024 on Technology Asset Stocktake [PDF]

Publication date: 8 July 2024

PSPF Direction 002-2024 requires Australian Government entities to identify and actively manage the risks associated with vulnerable technologies they manage, including those they manage for other entities.

Download: Direction 003-2024 on Supporting Visibility of the Cyber Threat [PDF]

Publication date: 8 July 2024

PSPF Direction 003-2024 requires Australian Government entities using threat intelligence sharing platforms to share cyber threat information with the Australian Signals Directorate.

Download: Direction 001-2023 on the TikTok application [PDF]

Publication date: 4 April 2023

PSPF 001-2023 restricts the use of the TikTok application on government devices, based on the security risk presented by that application.