PSPF stands for the Protective Security Policy Framework and was released in 2018 by the Attorney-General in the ‘Directive on the Security of Government Business’ document.
It is a set of guidelines and requirements for Australian government agencies that defines security goals for personnel, information and assets both within Australia and overseas. It sets out how protective security is to be provided and managed to enable business to be conducted in an atmosphere of trust and confidence.
The PSPF security concept is composed of four tiers of which the directive released by the Attorney-General is the first. The second tier consists of governance arrangements that outlines 33 mandatory requirements that all government agencies must meet. The third tier consists of the protocols, guidelines and standards that outline the specific activities that personnel must perform in the agency. The final tier consists of security policies that are specific to the agency: that is, the specific policies and procedures that meet their business needs.