Home

Chief Executives and Senior Managers

What you need to know

Protective Security Requirements – roles and responsibilities

Agency heads are responsible and accountable for protective security within their agency.

The Protective Security Requirements (PSR) outlines the Government’s expectations for managing personnel, physical and information security. It clearly sets out what agencies must and should consider to ensure they are managing protective security effectively.

By implementing the PSR you will:

better manage business risks
assure continuity of service delivery
assure the Government and the public you have appropriate, effective measures in place to protect New Zealand’s people, information and assets.

The PSR provides you with:

core policy documents that describe the high level mandatory requirements that agencies are required to implement and report against
protocols and management requirements that provide further direction on how to meet the mandatory requirements.

What you need to do

Agency heads and senior managers are to apply the Protective Security Requirements (PSR) with the understanding it provides pathways for successfully protecting people, information and assets.

As agency heads and senior managers, your responsibilities include:

developing a strong and sustainable security culture within your agency
reviewing your agency’s protective security management policy and procedures regularly as part of your agency’s approach to risk management and business planning
ensuring the PSR mandatory requirements are being met and ensuring relevant oversight is in place
appointing a Chief Security Officer (CSO) and working with them as they develop, maintain, and oversee protective security policy and practices
endorsing security risk management structures, assurance activities and resource allocation
endorsing your agency’s policies and protocols for personnel, information and physical security
granting security clearances to staff and contractors after receiving a recommendation from the New Zealand Security Intelligence Service (NZSIS).

Common Questions

Case Studies

Tools and Templates

Change of Circumstance General Form
1.1 MB | pdf
Download Adobe Reader
Change of Circumstance relationship form
648 KB | pdf
Download Adobe Reader
Protective Security Capability Maturity Model
295 KB | pdf
Download Adobe Reader
Security advice for New Zealand Government officials travelling overseas
118 KB | pdf
Download Adobe Reader

Contact infomation

If you want to know more about the PSR you can contact:

psr@protectivesecurity.govt.nz +64 4 472 6170

MANDATORY REQUIREMENTS

THE NEW ZEALAND INFORMATION SECURITY MANUAL (NZISM)

What you need to know

Protective Security Requirements – roles and responsibilities

What you need to do

Common Questions

Case Studies

Risks of a compromised website: a PHYSEC, INFOSEC case study

Risks of making personal information public through social media: a PERSEC, INFOSEC case study

Risks of granting security vetting waivers: a PERSEC case study

Risks of discussing sensitive information outside the workplace: a PERSEC case study

Risks of unauthorised personnel accessing restricted areas and agencies failing to follow physical security plans and procedures: a PHYSEC and PERSEC case study

Correctly storing protectively marked information in exceptional circumstances: an INFOSEC and PHYSEC case study

Risks of taking electronic media overseas and not reporting the carrying of protectively marked information: an INFOSEC, PERSEC and PHYSEC case study

Email fraud: an INFOSEC case study

Security clearances for contractors who have spent time overseas: a PERSEC case study

Reporting financial mismanagement and contact with foreign officials: a PERSEC case study

Safeguarding protectively marked documents: a PHYSEC case study

Tools and Templates

Contact infomation