Glossary

A B C D E F G H I L M N O P Q R S T U V W Z

A


Access

Obtaining knowledge or possession of information (including verbal, electronic and hard copy information) or other resources, or obtaining admittance to an area.

Access control system

A system designed to limit access to facilities to authorised people whose identify has been verified.

Accountable

Required or expected to justify actions or decisions; answerable and responsible.

ACCOUNTABLE MATERIAL

The ACCOUNTABLE MATERIAL endorsement marking is used to indicate that the information requires strict control over its access and movement, as well as regular auditing, to ensure its safe custody. What constitutes ACCOUNTABLE MATERIAL will vary from agency to agency. A risk assessment will determine the frequency of auditing practices.

Accreditation

The process by which an approving authority gives formal recognition and approval that appropriate levels of security have been implemented to protect facilities and/or systems.
Accreditation is designed to ensure minimum standards are met and maintained throughout the lifespan of facilities and Information and Communications Technology (ICT) systems, and that any residual risks are appropriately managed.

Adverse security vetting recommendation

A written assessment from the New Zealand Security Intelligence Service (NZSIS) containing a recommendation of prescribed administrative action that would be prejudicial to the interests of the candidate. For example, a recommendation that a candidate should not be given access to protectively marked material.

Aftercare (personnel security)

See Security clearance management.

Agency (or New Zealand government agency)

All New Zealand government departments, authorities, agencies or other bodies established in relation to public purposes, including departments and authorities staffed under the State Sector Act 1988 and Public Finance Act 1989. This includes the State Services Commission, tertiary education institutions, state-owned enterprises and mixed ownership model companies, as well as agencies operating as instruments of the legislative branch of government.

Agency head

The head of an agency as outlined above. Endorses and is accountable for all protective security within the agency.

Agency security management personnel

Employees who are responsible for the day-to-day protective security functions within that agency. Duties may include: security risk reviews and audits, security awareness programmes for agency staff, preparation of agency security plans and security risk management advice.

Agency security plan

The plan of action the agency uses to address its security risk, based on the context in which the agency operates and a thorough threat and risk review.

Agency-specific character checks (fit and proper person checks and personnel security)

Personnel or employment checks other than the security clearance vetting process, undertaken by agencies as part of their personnel security management to address specific agency risks.

Aggregation

A term used to describe collections of protectively marked or UNCLASSIFIED official information or assets where the business impact from the compromise of confidentiality, loss of integrity or unavailability of the combination of the information or assets is greater than its component parts and may require a higher level of protection.

Agreement (information sharing)

An instrument, agreement or treaty between the New Zealand Government and another government. An arrangement or Memorandum of Understanding (MOU) between a New Zealand government agency and a foreign agency for the exchange and protection of information.

AOG

All of Government

APPOINTMENTS

The APPOINTMENTS endorsement marking is used when the actual or potential appointments have not yet been announced, and for the deliberation during the recommendation–approval process.

Approved Products List (APL)

A list of all security products that have been tested and evaluated by the NZSIS and approved for use in the protection of national protectively marked information or material.

Asset

An item that has a value to an agency – including personnel, information, physical assets and services. Also see Official resources.

Attached staff

Government employees from any agency who are posted overseas and who work mainly from the chancery premises (building or office of a diplomatic or consular mission) managed by the Ministry of Foreign Affairs and Trade (MFAT).

Audit

An independent examination and verification of an agency’s systems and procedures, measured against predetermined standards.

Authentication

The process of confirming a claimed identity or information.

Authorised persons (specified persons)

Specified persons who are authorised by the agency to have access to carry out work or perform duties.

Availability (of information)

Availability means that authorised users have access to the information that they need. See also Integrity and Confidentiality.