Self assessment & reporting


PSR Assurance Reporting

Guidelines that explain the annual self-assessment and assurance reporting process.

GOV8 - Assess your capability

Use an annual evidence-based assessment process to provide assurance that your organisation’s security capability is fit-for-purpose. Provide an assurance report to Government through the Protective Security Requirements team if requested. Review your policies and plans every 2 years, or sooner if changes in the threat or operating environment make it necessary.


Use this guidance to achieve a consistent approach to assessing protective security capability and compliance in organisations. This is to help:

  • identify areas of focus and address these through mitigation and education actions
  • evaluate the effectiveness of their protective security practices
  • improve their protective security policies and procedures.

For information about the self-assessment reporting for 2023/24, please see Self assessment & reporting.

Who this information is for

This information is primarily for Chief Executives, Chief Security Officers (CSOs), Chief Information Security Officers (CISOs) and other agency security management personnel.  It's also a useful reference for contracted protective security management service providers.

Legislative requirements

Where legislative requirements are higher than controls identified in these requirements, legislative requirements take precedence and need to be applied.

Relevant standards

The standards relevant to these requirements are:

Page last modified: 31/10/2023

Supporting documents