Self assessment & reporting

SAR003

PSR Assurance Reporting

Guidelines that explain the annual self-assessment and assurance reporting process.

GOV8 - Assess your capability

Use an annual evidence-based assessment process to provide assurance that your organisation’s security capability is fit-for-purpose. Provide an assurance report to Government through the Protective Security Requirements team if requested.
Review your policies and plans every 2 years, or sooner if changes in the threat or operating environment make it necessary.

Purpose

Use this guidance to achieve a consistent approach to assessing protective security capability and compliance in organisations. This is help to:

  • identify areas of focus  and address these through mitigation and education actions
  • evaluate the effectiveness of their protective security practices
  • improve their protective security policies and procedures. 

Who this information is for

This information is primarily for Chief Executives, Chief Security Officers (CSOs), Chief Information Security Officers (CISOs) and other agency security management personnel.  It's also a useful reference for contracted protective security management service providers.

Legislative requirements

Where legislative requirements are higher than controls identified in these requirements, legislative requirements take precedence and need to be applied.

Relevant standards

The standards relevant to these requirements are:

Page last modified: 31/10/2018

Supporting documents