Provision of Security Risk Assessment Services
Tender ID: 581237
Tender Details
Tender Description
The scope of the risk assessment must be in line with the core and supporting requirements under Policy 3 of the PSPF capturing the risk to the agency’s people, information and assets with a specific focus on the following:
Review of the agency’s overarching security governance and risk frameworks, including the agency’s Protective Security Plan and Frameworks (including threat, vulnerability and criticality assessments)
* Review of the agency’s security policy suite
* Review of security delegations
* Personnel security risk assessment
o Review of personnel security policies in line with minimum security clearance requirements (international travel reporting, contact reporting and change of circumstance reporting)
o Scoping of a new policy suite to contribute to the ACIC’s Insider Threat Program
o Review of current personnel security aftercare measures, including employee separation processes
o Review of the agency’s Organisational Suitability Assessments (pre-employment screens)
o Review of the agency’s current designated security assessed position (DSAP) register.
The outcome of the Agency Security Risk Assessment will ensure any gaps in our current security governance framework are reviewed and actioned in light of the changes to Australia’s national security operating environment, terrorism threat level, and new whole-of-government initiatives such as the Insider Threat Program. The security consultant will remediate the results of the Security Risk Assessment and Action Plan by creating new, or improving on existing policy