a) Conduct a review of the proposed security architecture of MPRA and provide recommendations for securing the solution based within the Australian Government Information security Manual (ISM) and other industry better practice.

b) Develop security documentation for the Passport Reader App. Documents required include a security risk management plan, system security plan, statement of Applicability and ICT Service Management Plan and must be developed in accordance with the Department’s security documentation framework and templates, and must also adhere to Australian Government information security requirements within the Protective Security Policy Framework and Information Security Manual.