Australian Government Personnel Security Protocol Version 2.0 1 September 2014
© Commonwealth of Australia 2013 All material presented in this publication is provided under a Creative Commons Attribution 3.0 Australia licence Creative Creative Commons !icenses". !icenses". #or the avoidance of doubt$ this means this licence onl% applies to material as set out in this document.
&he details of the relevant licence licence conditions are available on the the Creative Commons website as is the full le'al code for the CC () 3.0 A* licence Creative Creative Commons !icenses". !icenses".
Use of the Coat of Arms &he terms under which the Coat of Arms can be used are are detailed on the +t,s an -onour website. website. Contact us n/uiries re'ardin' the licence and an% use of this document are welcome at Commercial and Administrative !aw (ranch Attorne%enerals Attorne%enerals epartment 356 7ational Cct (A8&97 AC& 2:00 Call 02 :141 :::: mail cop%ri'ht;a'.'ov.au ocument details Securit% classi
*nclassi
issemination limitin' mar=in'
>ublicl% available
ate of ne?t review
*nder review
Authorit%
Attorne%eneral
Author
>rotective Securit% >olic% Section Attorne%enerals epartment
ocument status
Version 2.0 approved 1 September 2014 replaces Version 1
i
Table of contents 1.
Scope 1 1.1.
+ntroduction 1
1.2.
Status and applicabilit%
1.3.
&erms used in this >rotocol
1.4. 1.4.
A'en A' enc% c% respo espons nsib ibil ilit itie ies s in in per perso sonn nnel el secu securi rit% t% 4
1
1.4.1.
Agency heads
4
1.4.2.
Line managers
4
1.4.3.
Agency personnel 4
1.4.4.
Need-to-know principle
1.6.
>olic% e?ceptions
1.5.1. 1.:.
2
4
6
Functional eui!alents
5
Sharin' personal information
6
2.
Components of personnel security
7
3.
!entifyin" personnel security ris#
$
3.1.
%.
>ersonnel securit% ris= review
&mployment screenin"
@
1'
4.1. 4.1.
8ecom ecomme mend nded ed empl emplo% o%me ment nt scr screeni eenin' n' 10
4.2.
A'enc%speci
4.3. 4.3.
8ecord ecordin' in' resu results lts of emplo emplo%me %ment nt and and addi additio tional nal a'enc% a'enc% speci< speci
4.3.1.
(.
Additional in"ormation
11
11
)n"oin" su suitability fo for em employment
13
6.1. 6.1.
Sec Securit urit% % awar awaren enes ess s$ trai train nin' in' and and educ educat atio ion n
6.2.
>erformance mana'ement
6.3.
Conict of interest 13
6.4.
+ncident investi'ation
6.6. 6.6.
Bonito Bonitorin rin'$ '$ evalu evaluati atin' n' and and record recordin' in' of on'o on'oin' in' pers personn onnel el suita suitabili bilit% t% 14
*.
13
13
14
A"ency security clearance re+uirements
1(
:.1.
Coo Coopera eration ion iin n th the cl cleara earan nce pr process ess
16
:.2. :.2.
+denti +dentif%i f%in' n' and and record recordin' in' posi positio tions ns that that re/u re/uir ire e a securit securit% % cleara clearance nce 16
#.2.1.
$ecurity clearance le!els 1#
#.2.2.
%a!eat and codeword access
#.2.3.
%ontractors re reuiring se security c cllearances
1& 1&
ii
#.2. #.2.4. 4. 'ers 'erson ons s empl employ oyed ed und under er the the (em (em)e )ers rs o" o" 'arl 'arlia iame ment nt *$t *$ta+ a+,, Act Act 14 14 *(o'$ *(o'$ Act, Act, 1 :.3.
Australian oce holders
1D
:.4.
9ther access arran'ements
1@
#.4. #.4.1. 1. Forei Foreign gn Nati Nation onal als s with with nonnon-Au Aust stra ralia lian n /o!e /o!ern rnme ment nt secu securit rity y clearances 1 :.6. :.6.
li' li'ib ibil ilit it% % waiv waiver ers s cit citiE iEen ensh ship ip and and chec chec=a =abl ble e bac= bac='r 'rou ound nd"" 20
#.5.1.
0ligi)ility wai!ers
2
#.5.2.
Non-Australian citiens
#.5.3.
nchecka)le )ackgrounds
#.5.4.
%onditions "o "or cl clearances su su)ect ect to to an an eli elig gi)i i)ilit lity wa wai!er i!er
21 21
:.:.
!ocall% en'a'ed staF
:.G. :.G.
Stat State e or &erri errito tor% r% 'ov 'overnm ernmen entt s sec ecur urit it% % cle clear ara ances nces
7.
22
22 23
Tempo mporary rary ac access cess to to cla class ssi, i,e e! inf informat rmatio ion n arr arran"e an"em ment ents 2% G.1.
&emporar% access conditions
24
&.1.1.
ypes o" temporary access
&.1.2.
$hort term access 2#
&.1.3.
'ro!isional ac access 2&
G.2.
-. D.1. D.1.
&emporar% ac access fo for B9 B9>S Ac Act s sttaF
2G
ettin" a"ency responsibilities
2-
Auth Au thor orit it% % to ma= ma=e clea cleara ranc nce e deci decisi sion ons s 2D
.1. .1.1. 1. D.2.
25
%on6 %on6rm rmin ing g eli eligi gi) )ilit ility y "or "or a sec secur urit ity y cle clea aranc rance e 2
Assessin' Suitabilit%
2D
.2.1.
$upplementary checks and inuiries
2
.2.2.
(itigation
.2.3.
7etting agency consultation with sponsoring agencies
2
D.3.
Vettin' decisions
D.4. D.4.
#ailu ailurre to to com compl pl% % wit with h the the clea cleara ranc nce e pr proces ocess s 2@
D.6.
>ersonnel se securit% ch chec=s fo for in initial cl clearances
2@
.5.1.
$tatutory declaration
.5.2.
A$89 $ecurity Assessment
D.:.
8eviews of of se securit% cl clearances
.#.1.
'eriodic :e!alidations
.#.2.
:e!iews "or cause 32
D.G.
Adverse
2
30
31 31
31 31
33
iii
D.D. D.D.
AS+9 AS +9i ini niti tiat ated ed revie eview w of AS AS+9 +9 Secu Securi rit% t% As Asse sess ssme ment nt
D.@.
8evi eviews ews of of sec secu urit% it% c cllearance pr process esses an and ou outcomes
D.10. 8evi eview of cl clearance dec decis isiions
33 33
34
D.11. &ransfer of >ersonal Securit% #iles
34
D.12 D.12.. 8eco' eco'ni niti tion on of clea cleara ranc nces es 34 D.13 D.13.. Active tive and and inac inacti tive ve clea cleara ranc nces es
36
D.14. D.14. Vettin' ettin' staF staF train trainin' in' and /uali< /uali
$.
36
A"en A"ency cy resp respon onsi sibi bili liti ties es fo for r acti active ve mo moni nito tori rin" n" of clea cleara ranc nce e hol!ers 3* @.1. @.1.
Sec Securit urit% % awa awarrenes eness s tra train inin in' ' for for clea cleara ranc nce e hol holde ders rs
@.2. @.2.
Bana Bana'i 'in' n' speci peci<
@.3.
Annual health chec=
3G
@.4.
Sharin' of information
3D
.4.1.
3G
:eporta)le changes o" personal circumstances
3G
3
.4. .4.2. 2. %ont %ontac actt repor reporti ting ng und under er the the Aus Austr tral alia ian n /o!e /o!ern rnme ment nt %on %onta tact ct :eporting $cheme 3 .4. .4.3. 3. :epo :eport rting ing secu securi rity ty inci incide dent nts s to !ett !ettin ing g agen agenci cies es and and othe otherr appr approp opri riat ate e agen agenci cies es 3 @.6. @.6.
Chan' Chan'e e of of spo spons nsor orsh ship ip of secu securi rit% t% clea cleara ranc nces es 40
@.:.
>ersonnel on on tte emporar% tr transfer or or se secondment
40
.#. .#.1. 1. %lea %leara ranc nce e main mainte tena nanc nce e "or "or per perso sonn nnel el on on sec secon ondm dmen entt or or tempor temporary ary ass assignm ignment ent 4 @.G.
>ersonnel on e?tended leave
41
@.D. @.D.
Clea Cleara ranc nce e maint mainten enan ance ce for for cont contra ract ctor ors s 41
.. ..1. 1. %lea %leara ranc nce e spo spons nsor orsh ship ip o" cont contra ract ctor ors s tha thatt are are no long longer er acti acti!e !ely ly engage engaged d )y an an agency agency 42
1 '.
A"ency separation actions %3
10.1. >rior ior to se separation ion 43 10.2. 9n separation 1.2.1 2.1.
43
$eparation ion o" o" co contractors tors 44
Anne/ A0 e+uest for variation of Special inister of States 4etermination 2'1251 for a inisters &lectorate )6cer %(
iv
Amen!ments o.
4ate
8ocation
Amen!ment
1 2 3 4
v
1. Scope Introduction 1.
2.
&he core core poli policie cies s of the the >rote >rotecti ctive ve Securit Securit% % >olic >olic% % #ram #ramewo ewor= r= >S>#" >S>#" provi provide de the the mandator% re/uirements for protective securit% in Australian overnment a'encies. &he Australian overnment >ersonnel Securit% >rotocol provides more detailed advice for a'encies to meet their mandator% personnel securit% re/uirements. >erso >ersonne nnell securi securit% t% is one elem element ent of of 'ood 'ood prote protecti ctive ve secu securit rit% % mana'e mana'emen ment. t. &he Australian overnments personnel securit% measures determine the suitabilit% of personnel to access Australian overnment resources. A suitable person demonstrates inte'rit% and reliabilit% and is not vulnerable to improper inuence.
3.
Fecti Fective ve perso personne nnell securi securit% t% facil facilita itates tes the the shari sharin' n' of Austr Australia alian n 'overn 'overnment ment resources and is an essential miti'ation tool to the threat posed b% trusted insiders.
4.
An a'enc a'enc%s %s person personnel nel secu securit rit% % ris= ris= assess assessment ment should should be be incorp incorpora orated ted into into the a'enc%s securit% ris= mana'ement process and other a'enc% ris= mana'ement processes. >ersonnel securit% ris= mana'ement ma% impact on$ andHor complement$ information and ph%sical securit% controls.
Status and applicability 6.
&his &his >roto >rotocol col form forms s part part of the the third third leve levell of the the Austra Australia lian n overn overnmen ments ts personnel securit% polic% hierarch%$ as shown in #i'ure 1. &his protocol and its supportin' 'uidelines will inform a'enc%speci
Figure 1 - Personnel security policy hierarchy
1
:.
G.
&he >ers >ersonn onnel el Securit Securit% % >roto >rotocol col deriv derives es its its author authorit% it% fro from m the >S># >S># 5 irect irective ive on the securit% of overnment business$ overnance arran'ements$ and the >ersonnel securit% core polic% and mandator% re/uirements. +t should be read in conIunction with •
the Australian overnment information securit% mana'ement protocol
•
the Australian overnment ph%sical securit% mana'ement protocol
•
the 'u)lic $er!ice Act 1 1 Cth" Cth" >S >S Act"
•
the 'ri!acy Act 1 Cth"
•
an% a'enc% speci
•
the >ersonnel Securit% uidelines.
>osit >ositive ive Vett Vettin' in' >V" >V" securit securit% % polic% polic% deve develop loped ed b% the the +nter +nterA' A'enc enc% % Securit% Securit% #orum" is detailed in the Sensitive Baterial Securit% Bana'ement >rotocol SBSB>". istribution of the SBSB> is limited limi ted to a'enc% securit% advisers with a need to =now.
Terms used in this thi s Protocol D.
+n this this >rot >rotoc ocol ol the the use use of the the ter terms ms •
•
•
•
@.
Jnee! to refers to a le'islative re/uirement that a'encies must meet m eet Jare to or Jis to are controls that support compliance with the mandator% re/uirements of the personnel securit% core polic% Jshoul! refers to better practice. A'encies are e?pected to appl% better practice unless the a'enc% ris= assessment has identi
*nle *nless ss othe otherw rwis ise e sta state ted$ d$ the the use use of of •
•
•
•
•
Jpersonnel in this protocol refers to emplo%ees$ contractors and service providers as well as an%bod% else who is 'iven access to a'enc% assets as part of a'enc% sharin' initiatives Jemployment screenin" refers to screenin' underta=en b% an a'enc% prior to emplo%ment of staF or en'a'ement of contractors JAustralian Government resources refers to the collective term used for Australian overnment people$ information and assets$ and Jvettin" a"ency refers to the Australian overnment Securit% Vettin' A'enc% ASVA"$ authorised a'encies and State and &erritor% vettin' a'encies.
9inancial statement 5 provides a detailed summar% of a clearance subIects assets$ income$ liabilities and e?penditure.
2
•
10.. 10
provides an overview of a clearance subIects 9inancial history chec#
Clea Cleara ranc nce e decis decisio ions nsHs Hsta tatu tus s •
•
•
•
•
•
•
•
:ineli"ible refers to a determination b% a vettin' a'enc% that a clearance subIect is not eli'ible for an Australian overnment securit% clearance as the% do not hold Australian citiEenship andHor have a chec=able bac='round :!eny refers to a determination b% a vettin' a'enc% that a clearance subIect is not eli'ible to hold a Australian overnment securit% clearance at one or more clearance levels :"rant refers to a determination b% a vettin' a'enc% that a clearance subIect is eli'ible and suitable to hold an Australian overnment securit% clearance :"rant ; con!itional con!itional refers to a determination b% a vettin' a'enc% that the clearance subIect is eli'ible and suitable to hold an Australian overnment securit% clearance with conditions andHor after care re/uirements are attached to the clearance :cancel refers to a Securit% clearance initiated$ but not completed b% the vettin' a'enc% as the sponsorship of the clearance was removed at the re/uest of the sponsorin' a'enc%$ the sponsorship or clearance re/uirement could not be con
-
is not sponsored b% an Australian overnment A'enc%
-
is not bein' maintained b% the clearance holder for a period 'reater than si? months due to lon' term absence from their role
-
for the >ositive Vettin' Vettin' level is within reevaluation period but is unsponsoredK however$ an annual securit% chec= was completed within the last two %ears
-
can be reactivated or reinstated provided the clearance is sponsored b% an Australian overnment a'enc% before the end of the revalidation period$ and
-
cannot be reactivated until all chan'e of circumstances noti
:e/pire! refers to a securit% clearance that
-
is outside the revalidation period and is not sponsored b% an Australian overnment a'enc%
3
•
-
is a >V clearance and did not have an annual securit% appraisal completed within a two %ear period
-
cannot be reactivated and reinstated$ and
-
reverts to an initial securit% clearance assessment process if an Australian overnment a'enc% provides sponsorship after the end of the revalidation period.
:Cease! refers to a securit% clearance
-
that has been denied or revo=ed
-
that ma% have timebased conditions on when a clearance subIect or holder can reappl% for a securit% clearance$ and
-
where the clearance subIect or holder is ineli'ible to hold or maintain a securit% clearance.
11. Additiona Additionall terms terms used used in this >rotocol >rotocol can be be found found in the '$'F ; /lossary o" erms.. erms
Agency responsibilities responsibilities in in personnel personnel security 12. Fective Fective personn personnel el securit% securit% mana'em mana'ement ent is a respons responsibilit% ibilit% of all a'enc% a'enc% personnel includin'$ senior mana'ement$ line mana'ers$ -8 areas$ and securit% areas.
Agency heads 13. 8espons 8esponsibilit% ibilit% for developmen development$ t$ implement implementation ation and and maintenan maintenance ce of personn personnel el securit% mana'ement ultimatel% rests with the a'enc% head. 14.. 14
A'e A' enc% nc% h hea eads ds set et •
leadershipHvision and values
•
emplo%ment standards
•
the a'encies ris= tolerance$ and
•
culture throu'h polic%$ procedures and education.
Line managers 16. !ine mana'ers mana'ers pla% pla% a =e% role role in personnel personnel securit% securit%. &he% are are more li=el% li=el% than a'enc% securit% staF to have a detailed and accurate =nowled'e of their emplo%ees and the duties of a position in their wor= area. 1:. !ine !ine mana mana'ers 'ers are are resp respons onsibl ible e for for •
positivel% inuencin' the protective securit% behaviour of their personnel
•
monitorin' emplo%ee behaviour$ and
•
reportin' an% concerns about a staF members suitabilit% for access to ocial resources to the a'enc% securit% section 4
Agency personnel 1G. All a'enc% a'enc% person personnel nel are are resp respons onsibl ible e for for •
•
•
•
•
appl%in' the Jneedto=now principle bein' aware of the importance of their role in$ and responsibilit% for$ ensurin' the maintenance of 'ood personnel securit% practices throu'hout the a'enc% reportin' issues of concern compl%in' with a'enc% preen'a'ement$ on'oin' suitabilit% and securit% clearance processes$ and compl%in' with Australian overnmentwide and a'enc%speci
Need-to-know principle 1D. A'encies A'encies are are to limit acces access s to$ and and disseminat dissemination ion of$ Austra Australian lian overn overnment ment resources to those personnel who need the resources to do their wor=. 1@. A'encies A'encies are are to limit acces access s to$ and and disseminat dissemination ion of$ Austra Australian lian overn overnment ment securit% classi
Policy eceptions 21. ?ception ?ceptional al circumst circumstances ances or or emer'encies emer'encies ma% arise arise that prevent prevent a'encie a'encies s from appl%in' relevant controls identi
S>#. >S>#. &hese ma% be either of an on'oin' or of an emer'enc% nature. 22. >olic >olic% % e?c e?cept eption ions s can can be be made made for for an an Jare to or Jis to statement. (% ma=in' a polic% e?ception$ an a'enc% head he ad is ac=nowled'in' that the a'enc% •
is not appl%in' the speci
•
is aware of and willin' to accept the ris= posed to their a'enc%$ and
•
will mana'e the ris= in another wa%. wa%.
23. A'encies A'encies cannot cannot ma=e ma=e polic% e?ception e?ceptions s to A*S&9 A*S&9 and %es %es 9nl% 9nl% access access re/uirements. #or #or further information see Foreign Nationals with non-Australian /o!ernment /o!ernm ent securi security ty cleara clearances nces.. 24 .
A'encies are to document their polic% e?ceptions$ includin' the ris= assessment$ in accordance with their a'enc% speci
26. Lhere Lhere appropriat appropriate$ e$ polic% polic% e?ceptio e?ceptions ns and ris= ris= assess assessments ments ma% ma% cover cover polic% decisions relatin' to t%pes of activit%$ rather than individual instances.
6
Functional e!ui"alents 2:. Lhere Lhere a'encies a'encies use altern alternative ative person personnel nel securit% securit% measur measures es that prov provide ide the same or better functionalit% than speci
#or fur furth ther er inf infor orma mati tion on see see /o!ernance arrangements ; Audit< re!iews and reporting.. reporting
Sharing personal in#ormation 2@. &he Australia Australian n overnment overnment e?pect e?pects s a'encies a'encies and vettin vettin' ' a'encies a'encies to shar share e information relevant to the on'oin' suitabilit% of personnel to access Australian overnment resources. 30 .
A'encies are to obtain written on'oin' consent from all personnel e?istin' and potential" to share information with other a'encies for the purposes of assessin' their on'oin' suitabilit%. suitabilit%. &his includes emplo%ment screenin' and securit% clearance processes. A template informed consent form is provided at Anne? C of the 'ersonnel security guidelines ; Agency personnel security responsi)ilities and Anne? - of the 'ersonnel security guidelines ; 7etting practices 31.Sharin' relevant information does not breach an individuals privac% provided that informed consent is received and the information is used for the purpose for which consent is provided. #or further information see Anne? of the 'ersonnel security guidelines ; Agency personnel security .
32. +n order order to prevent prevent or or minimise minimise the impact impact of of securit% securit% concern concerns s a'encies a'encies ma% provide relevant information about personnel to
33 .
•
law enforcement a'encies
•
intelli'ence a'encies
•
potential 'ainin' a'encies prior to personnel transferrin'"$ and
•
other a'encies that are aFected b% a securit% concern.
A'encies are to include a contractual re/uirement for service providers and contractin' companies to see= written consent to share information with the a'enc% from all the service providers or contractin' compan%s personnel who ma% access the a'encies resources. &he a'enc% ma% then on behalf of the Commonwealth share this information with other a'encies f or the purposes of assessin' suitabilit% to access Australian overnment resources. See Anne? C of the 'ersonnel security guidelines ; Agency responsi)ilities for responsi)ilities for a template informed consent form.
:
34. #or #or further further advice advice on protect protective ive securit% securit% in contrac contractin' tin' see see /o!ernance arrangements ; %ontracting. %ontracting.
G
2. Comp Compon onen ents ts of of pers person onne nell secu securi rity ty 36. >erso >ersonne nnell securit% securit% compri comprises ses three three maIor maIor component components s •
emplo%ment screenin'K
•
maintainin' on'oin' suitabilit%$ and
•
separation activities.
3:. An a'enc a'enc%s %s appro approach ach to to person personnel nel secu securit rit% % is to be comprehensive and on'oin'. &he followin' table 'ives e?amples of measures at the various sta'es.
D
Table 1 ; Summary of personnel security components Sta'e
>ersonnel securit% measures
?amples of tools$ techni/ues and services
mplo%ment mplo%ment chec=s chec=s
+dentit% +dentit% proo
7ational 7ational +dentit% +dentit% >rooroo
li'ibilit%
Australian CitiEenship or correct visa"
Muali
Certi
>revi >revious ous emplo% emplo%men mentt chec chec=s =s
8efere eferee e chec chec=s =s
Criminal records chec=
7o e?clusion chec= under the spent conviction scheme unless a'enc% has partial or full e?emption$ e?emption$
A'enc% speci
Credit chec=s$ dru' screenin'$ etc.
' n i n e e r c s t n e m % o l p m .
% t i l i b a t i u s ' n i o ' n o ' n i n i a t n i a B
+nitial securit% clearances
Suitabilit% assessments b% vettin' a'encies
Counterin'
mplo%ee securit% awareness awareness pro'rams$ contact reportin' scheme
n manipulation o i t a c u Securit% culture d .
Access controls >rotective n monitorin'
o i t a u l a v e N ' n i r o t i n o B
*sin' incentives to encoura'e the reportin' of securit% issues >h%sical an and lo lo'ical ac access privile'es
+& passwords$ access passes$ codes
>h%sical access and +& s%stems monitorin'
S%stem audit processes p rocesses
+nvesti'ations
ather evidence about securit% breaches for possible Code of Conduct or criminal prosecution
9n'oin' emplo%ment suitabilit% chec=s
Chan Chan'e 'e of cir circu cum msta stances nces A'enc% speci
>erio riodic dic cr credit edit chec chec=s =s$$ d dru ru' ' screenin'$ etc.
Securit% clearance maintenance
>eriodic revalidations
Annual health chec=
Chan'e of circumstances Contact reportin' 8eviews for cause
s e i t i v i t c a n o i t a r a p e S
9n'oin' obli'ations brie
>ostemplo%ment >ostemplo%ment personnel securit% obli'ations under Crimes ActH Criminal Code and other le'islation
Securit% clearance debrief ?it interview
Lithdrawal of access
Cancellin' + passes and +C& access
Securit% clearance actions
Advice to vettin' a'enc% of the separation Advice to AS+9 where securit% concerns are present
@
3. !en !enti tify fyin in" " per perso sonn nnel el secu securi rity ty ris# ris# an!atory e+uirement securit% activit% across their or'anisation$ in accordance with the Australian $tandard $tandard A$=N>$ A$=N>$ 8$9 31?2 :isk (anagement@'rinciples and /uidelines and the Australian the Australian $tandards $tandards B 1#&?2# $ecurity risk management
3G. An a'enc%s a'enc%s protection protection a'ainst a'ainst threats threats is onl% as 'ood as the wea=es wea=estt element of its protective securit% 'overnance$ information securit%$ ph%sical securit% and personnel securit%". 3D. Adoptin' Adoptin' a comprehensi comprehensive$ ve$ ris=ba ris=based sed approac approach h to personne personnell securit% securit% is is important in the protection of an a'enc%s resources resources because •
•
•
3@ .
it identi
A'encies are to have personnel securit% measures that •
•
meet other a'encies e?pectations for information sharin' arran'ements$ and meet or e?ceed the minimum controls for the protection of Australian overnment resources.
Personnel security risk re"iew 40. &he use use of approp appropriate riate personn personnel el securit% securit% measures measures can can prevent prevent or deter deter a wide variet% of insider and other threats that ma% include
41.. 41
•
the disclosure or alterin' of Australian overnment information
•
the use of Australian overnment resources without authorisation
•
corruption$ theft or fraud
•
sabota'e$ or
•
unauthorised third part% access to Australian overnment resources.
#or fur furth ther er adv advic ice e see see (anaging the 8nsider hreat to your Business.
42. (ased (ased on their their personn personnel el securi securit% t% ris= ris= review$ review$ a'enc a'encies ies are to determine what chec=s are re/uired for emplo%ment screenin'$ on'oin' suitabilit% to access a'enc% resources and for separation from the a'enc%. a'enc%. &hese ma% include a'enc% speciolice have a pro'ram of random dru' and alcohol testin'.
10
43. #or #or further further advice advice on underta=in' underta=in' a personnel personnel securit securit% % ris= ris= review$ review$ see see the *nited Oin'dom Centre for the >rotection of 7ational +nfrastructure publication 'ersonnel $ecurity :isk Assessment? A guide. guide .
11
%. &mployment sc screenin" an!atory e+uirement P&S&C 10 A'encies must ensure that their personnel who access Australian overnment resources people$ information and assets" are eli'ible1 to have access have had their identit% established are suitable2 to have access$ and a'ree to compl% with the overnments policies$ standards$ protocols and 'uidelines that safe'uard the a'enc%s resources from harm. • • • •
44. A'enc% A'enc% heads heads set the minimum minimum suitab suitabilit% ilit% re/uir re/uirements ements for all new staF staF emplo%ed in their a'encies$ based on the a'enc% ris= assessment$ an% a'enc% speciublic Service Commission publication %onditions o" engagement . 46 .
A'encies are to ensure all personnel a'ree that the% are responsible for safe'uardin' a'ainst loss$ misuse or compromise an% Australian overnment resources for which the% are responsible b% obtainin' a si'ned con
4:. All personne personnell re/uirin' re/uirin' on'oin' on'oin' access access to Austra Australian lian overn overnment ment securit securit% % classi
A'encies nee! to con
$ecommended employment screening 4D .
A'encies are to underta=e emplo%ment screenin' for all new personnel. &his screenin' will allow access to unclassi
4@ .
A'encies shoul! underta=e emplo%ment screenin' that meets or e?ceeds the Australian $tandard 411-2#? 0mployment $creening. $creening.
1
#or a'encies enabled b% the >ublic Service Act 1@@@ eli'ibilit% refers to the re/uirements for en'a'ement of A>S emplo%ees listed in section 22 of the >ublic Service Act 1@@@. A'encies not enabled b% the >ublic Service Act 1@@@ should refer to the re/uirements of en'a'ement of personnel contained within their own enablin' le'islation. 2 &o &o be suitable personnel need to demonstrate /ualiS Code of Conduct"$ behaviours andHor values.
12
60. #urther details details on assess assessin' in' emplo%ment emplo%ment screenin' screenin' chec=s chec=s are are in the 'ersonnel security guidelines@Agency personnel security responsi)ilities. 61 .
A'encies shoul!< based on their ris= assessment$ underta=e periodic reassessments of suitabilit% for emplo%ment.
Agency-speci%c Agency-speci%c employment employment screening checks 62. Additiona Additionall screenin' screenin' chec=s chec=s e.'. e.'. dru' dru' and alcoho alcoholl testin'" testin'" are are a'enc%speci a'enc%speci
conductin' a credit reference chec=
•
obtainin' a conict of interest declaration$ or
•
64 .
obtainin' a si'ned Statutor% eclaration from the person declarin' all information provided to the a'enc% is truthful and complete.
A'encies shoul! advise applicants where additional screenin' is re/uired as part of a condition of en'a'ement or an on'oin' condition of emplo%ment. A'encies shoul! identif% this re/uirement when advertisin' a vacanc% or before oFerin' emplo%ment.
66. Lhile a prospec prospective tive emplo%e emplo%ee e ma% meet meet the the minimum minimum re/uir re/uirements ements for an Australian overnment securit% clearance$ he or she ma% not meet the a'enc%s screenin' re/uirements and viceversa. 6:. +f a'enc%s a'enc%speci< peci
A'en A' enci cies es are are res respo pons nsib ible le for for reviews of their a'enc% speci
$ecording results o# employment and additional agency speci%c screening :0 .
A'encies are to record the results of the emplo%ment screenin' for successful applicants and an% additional a'enc% speci
:1 .
A'encies shoul!< based on their operatin' re/uirements$ determine whether to create a separate >ersonal Securit% #ile for each emplo%ee or add the results to their personnel
13
Additional in#ormation in#ormation :2. Additiona Additionall informat information ion on emplo%ment emplo%ment screenin' screenin' is availab available le from from •
•
•
•
•
A$411-2#? 0mployment $creening B 323-2&? 0mployment $creening and)ook A$ 1-2? Fraud and %orruption %ontrol 're!enting< Cetecting and Cealing with Fraud- :ule A'$ %onditions o" engagement .
14
(. )n"o )n"oin in" " suit suitab abil ilit ity y fo for r empl employ oyme ment nt an!atory e+uirements P&S&C 2 A'encies must have policies and procedures to assess and mana'e the on'oin' suitabilit% for emplo%ment of their personnel. G) 1 A'encies must provide all staF$ includin' contractors$ with sucient information and securit% awareness trainin' to ensure the% are aware of$ and meet the re/uirements :3. An a'enc% a'enc%s s policies policies and and procedur procedures es to asses assess s and mana'e the on'oin' on'oin' suitabilit% for emplo%ment of their personnel will be determined b% the a'enc%s securit% ris= assessmentK see $ection 3 -identi"ying personnel securit secu rity y risk r isks s.
Security awareness& training and education :4. Securit% Securit% awarenes awareness$ s$ trainin' trainin' and and education education provide provide personn personnel el with informa information tion on their responsibilities under the >S># and their a'enc% speci
::.. ::
A'encies are to determine speci
personal safet% and securit% measures in a'enc% facilities and in the
•
con
•
selfmana'in' ris=
•
information control measures needto=now"
•
overseas travel safet% and securit%
•
contact reportin'
•
incident reportin'
•
unusual and suspicious behaviour$ and
•
handlin' and securit% re/uirements for valuable assets.
#or furt furthe herr adv advic ice e see see the the 'rotecti!e security go!ernance guidelines ; $ecurity awareness training. training.
Per#ormance management :G .
A'encies shoul! include personnel securit% compliance as part of their personnel performance mana'ement.
'on(ict o# interest :D. >ublic >ublic con
16
conict of interest. >ersonnel need to be aware that their pri vate interests$ both
Incident in"estigation G0 .
A'encies are to investi'ate reports of a securit% incident in accordance with their a'enc% speci
G1 .
A'encies are to consult with the A#>$ Iurisdictional police$ AS+9 andHor AS where the securit% incident ma% have criminal or 7ational Securit% implications.
G2. #or #or further further details details on on underta underta=in' =in' an investi'ati investi'ation on see 'ro 'rotec tecti!e ti!e securi sec urity ty go!ernance guidelines@:eporting incidents and conducting security in!estigations and in!estigations and the Australian the Australian /o!ernment 8n!estigation $tandard $tandards s . &hese &hese 'uidelines also provide advice on referrin' matters to the appropriate law enforcement a'encies$ AS+9 and the Australian Si'nals irectorate$ dependin' on the nature of the incident.
)onitoring& e"aluating and recording o# ongoing personnel suitability G3. mplo%ment mplo%ment screenin' screenin' and subse/ subse/uent uent emplo%m emplo%ment ent chec=s chec=s provide provide onl% onl% a snapshot of the emplo%ees suitabilit% at a point in time. G4. (ased on their their personnel personnel securit% securit% ris= assessment assessments$ s$ a'encie a'encies s are to have policies and procedures in place to monitor on'oin' suitabilit% of staF. &hese ma% include •
•
•
•
G6 .
re/uirin' mana'ers to monitor all personnels continuin' suitabilit% to access Australian overnment resources advisin' personnel what personal behaviours or concerns that the% are re/uired to reportPe.'. criminal arrests or convictions$ chan'e of circumstances$ contacts that are suspicious$ on'oin'$ unusual or persistent and other si'ni
A'encies shoul! determine the period between ori'inal screenin' and an% subse/uent rescreenin'. &he period will depend on the a'enc%s ris= pro
1:
G: .
A'encies shoul! record the outcomes of their monitorin' and evaluations on the same
1G
*. A"en A"ency cy sec secur urit ity y clea cleara ranc nce e re+u re+uir irem emen ents ts GG. A'enc% A'enc% heads heads ma% re/uire re/uire a securit% securit% clearanc clearance e as a conditio condition n of emplo%men emplo%ment. t. A securit% clearance is a determination de termination b% a vettin' a'enc% that an individual is suitable to access securit% classi
'ooperation in the clearance process GD .
A'encies are to advise clearance subIects of their responsibilities to compl% with the vettin' process. Lhere possible$ a'encies shoul! assist clearance subIects to provide accurate and complete information that is timel%. timel%.
G@.. G@
Clea Cleara ranc nce e sub subIe Iect cts s are to cooperate with the vettin' a'enc% throu'hout the clearance process$ includin' b% providin' within the timeframes advised •
a completed clearance pac=
•
copies of an% re/uested supportin' documents$ and
•
complete and truthful responses.
D0.. D0
Vetti ettin' n' a'en a'enci cies es are to cancel the clearance process for an% failure to cooperate in the clearance process. A'encies are to remove an% access to Australian overnment securit% classi
D1 .
A'encies are to appl% this control to all personnel$ irrespective i rrespective of their position or duties.
D2 .
A'encies are not to use temporar% access provisions to provide access to Australian overnment securit% classi
Identi#ying and recording positions that re!uire a security clearance an!atory e+uirements P&S&C 30 A'encies must identif%$ record and review positions that re/uire a securit% clearance$ includin' the level of clearance re/uired. P&S&C % A'encies must ensure their personnel with on'oin' access to Australian overnment securit% classi
D3. An%one An%one re/uirin' re/uirin' on'oin' on'oin' acces access s to Australia Australian n overnment overnment securit securit% % classi
An a'e a'enc nc% % head head or or thei theirr dele dele'a 'ate te is to decide if a role or position re/uires a securit% clearance.
1D
D6. An a'enc% a'enc% head head ma% re/uire re/uire that that all a'enc% a'enc% staF staF in a particular particular cate'or% cate'or% be cleared to a speci
the nature of the a'enc%s business
•
an a'encies ris= assessment
•
•
the need to access the a'enc%s securit% classi
D:. A'encies A'encies ma% ma% use securit securit% % clearance clearances s as an an assuranc assurance e measure measure in additio addition n to their emplo%ment screenin' and a'enc% speciositions >ositions that have have a business business impact level level of hi'h hi'h or above above ma% ma% include include those those •
•
whose occupants have access to a''re'ations of information or assets$ or where the nature of the position re/uires 'reater assurance about a persons inte'rit%K for e?ample$ a hi'her level of clearance with 'reater bac='round chec=in' to support fraud miti'ation or as an anticorruption measure.
DD .
A'encies shoul! assess whether the chec=s underta=en for a securit% clearance provide the re/uired level of assurance or whether a'enc%speci
D@ .
A'encies are to maintain a re'ister of positions that re/uire a clearance. (efore advertisin' a position$ a'encies are to identif% •
if the position re/uires a securit% clearance
•
the level of clearance re/uired
•
•
@0 .
whether the clearance is for access to Australian overnment securit% classi
A'encies shoul! periodicall% reassess the securit% clearance re/uirement for positions$ at least each time the position becomes vacant and before it is advertised.
Security clearance le"els @1. &here &here are are four four securi securit% t% clear clearanc ance e levels levels i.
=aseline ; provides on'oin' access to information or resources up to and includin' >89&C&.
ii.
e"ative ettin" 8evel 1 5 provides on'oin' access to information or resources up to and includin' SC8&.
iii.
e"ative ettin" 8evel 2 5 provides on'oin' access to information or resources up to and includin' &9> SC8&. SC8&. 1@
iv. iv.
Positive ettin" ; provides access to certain t%pes of sensitive$ caveated$ compartmented and codeword information. >V is an additional process that is desi'ned to ensure$ be%ond reasonable doubt$ that a candidate is suitable to access the hi'hest classiV builds upon the re/uirements for the 'rantin' and maintenance of 7e'ative Vettin' Vettin' !evel 2. >V re/uirements are mana'ed b% the +nterA'enc% +nterA'enc% Securit% #orum on behalf of the Australian +ntelli'ence Communit% and are detailed in the Sensitive Baterial Securit% Bana'ement >rotocol SB SB>" which is onl% available to A'enc% Securit% Advisers.
Table 2 ; nformation access re+uirements
Positive vettin" e"ative vettin" level 2 e"ative vettin" level 1 =aseline
! n a e v i t i s n e S n i a 1 t r n e o C i t a m r o f n ! e t n e m 2 t r a p m o C
T & C & S P ) T
T & C & S
8 A T 7 & 4 9 7 ) C
4 & T C & T ) P
& ? A a 2 h G t i 7 > T 4 2 & 8 9 7 S S ) A T 8 A C 7 7 U 2 & S S 4
4 & 9 S S A 8 C 7 U
&mployment screenin" otes0 1. Access Access to Sensitive Sensitive and Compartm Compartmented ented +nforma +nformation tion is detailed detailed in the Sensitive Sensitive Baterial Securit% Bana'ement >rotocol SBSB>" which is onl% available to those with a need to =now. 2. +n certain limited limited circumsta circumstances nces Compartme Compartmented nted informat information ion is available available at the 7V2 level. #or further information see the SBSB>.
'a"eat and codeword access @2 .
A'encies are to liaise with the a'enc% a'e nc% responsible for administerin' a caveat or codeword to determine the personnel securit% measures me asures re/uired in addition to a securit% clearance. &his could include but is not limited to •
speci
•
reportin' or restrictions on overseas travel.
@3. #or #or further further informat information ion on access access to caveats caveats and codewor codewords$ ds$ refer refer to the Australian overnment +nformation Core >olic% and supportin' >rotocol and 'uidelinesK and the SBSB>. 20
'ontractors re!uiring security clearances @4 .
A'encies are to identif% contractors re/uirin' securit% clearances for access to securit% classi
@6. A'encies A'encies en'a'in en'a'in' ' contract contractors ors who who will will re/uire re/uire securit% securit% clearan clearances ces are to sponsor the contractors clearance. See /o!ernance arrangements ; %ontracting.. %ontracting @:. Contractors Contractors ma% wor= wor= concurr concurrentl% entl% for for a number number of a'encie a'encies. s. &he &he a'enc% a'enc% that that a'enc% is to sponsor a contractor is the a'enc% •
•
re/uirin' the hi'hest level of securit% clearance.
@G.. @G
&he &he lead lead a'e a'enc nc% % for for a con contr trac actt is to sponsor all contractor clearances where a sin'le contract covers a number of a'enciesPe.'. as the result of a panel arran'ement.
@D.. @D
&he &he lea lead d a'e a'enc nc% % is to ensure that the% have arran'ements policies and procedures" in place to ensure the on'oin' suitabilit% of contractors in accordance with this protocol. #or further information see $ection . ; clearance maintenance "or contractors. contractors.
@@.. @@
!ead ead a'en a'enci cies es are to ensure that on'oin' suitabilit% assessments of contractors are included in the contract.
100. +f an interested interested part% becomes aware of a contractors contractors chan'e in circumstances$ the interested part% is to inform the vettin' a'enc%. &he vettin' a'enc% is to inform all other interested parties. #or further information on sharin' see $ection 1.# - $haring 'ersonal 8n"ormation.
Persons employed under the Bembers of >arliament StaF" Act 1@D4 *%th, 1@D4 *%th, *(o'$ Act* 101. $pecial (inister o" $tate Cetermination 212=1 directs 212=1 directs that Binisterial staF emplo%ed under >art +++ of the (em)er (em)ers s o" 'arliamen 'arl iamentt *$ta+, Act Ac t 14 Cth" nee! to obtain and maintain a 7e'ative Vettin' Vettin' !evel 2 securit% clearance. &his direction allows for variation in certain circumstances for electorate ocers. #or further information see Anne? A 8e/uest for variation of Special Binister of States etermination 2012H1 for a Binisters lectorate 9cer. 9cer.
Australian o+ce o+ce holders 102. &he followin' Australian oce oce holders are not re/uired re/uired to hold a securit% clearance to access Australian overnment securit% classi
Bembers and Senators of the Commonwealth$ Commonweal th$ State and &erritor% &erritor% >arliaments 21
•
•
•
•
Qud'es of &he -i'h Court of Australia$ Australia$ &he Supreme Court$ #amil% #amil% Court of Australia$ &he #ederal Circuit Court of Australia and Ba'istrates 8o%al 8o%al Commissioners$ Commi ssioners$ and the overnoreneral$ State overnors$ 7orthern &erritor% &erritor% Administrator$ and members of the ?ecutive Council.
103. 9ther appointed oce oce holders ma% have enablin' le'islation which 'ives the same privile'es as the people identiersonne >ersonnell of the oce holders in para'raphs para'raphs 100 and 100 and 101 are not e?empt from the re/uirements for a securit% clearance and are to be securit% cleared to the appropriate level if the% re/uire on'oin' access to securit% classiS># is limited to the re/uirement for a securit% clearance. A'encies responsible for mana'in' protective securit% for Australian oce holders are to ensure that classiS>#.
,ther access arrangements arrangements Foreign Nationals with non-Australian o"ernment security clearances an!atory e+uirement G) 1' A'encies must adhere to an% provisions concernin' the securit% of people$ information and assets contained in multilateral or bilateral a'reements and 10:. #orei'n #orei'n nationals routinel% contribute to Australias 7ational +nterest +nterest throu'h e?chan'e$ lon'term postin' andHor attachment to the Australian overnment. 10G. #orei'n #orei'n nationals can onl% access Australian overnment overnment securit% classi
•
access the information in accordance with that A'reement or Arran'ement$ and hold a securit% clearance 'ranted b% their national 'overnment which is reco'nised b% the Australian overnment in accordance with the A'reement or Arran'ement.
3
An a'reement or an arran'ement includes treaties$ securit% of information a'reements and memorandums of understandin'.
22
10D. 10D. A'enci A'encies es are not to permit nonAustralian citiEens access to information caveated JAustralian %es 9nl% A*S&9". 7onAustralian citiEens can onl% access other J%es 9nl% information if the% are a citiEen of a countr% included in the %es 9nl% caveat. 10@. 10@. A'enci A'encies es cannot ma=e polic% e?ceptions to A*S&9 and %es 9nl% access re/uirements. #or #or further details see 8n"ormation security management core policy 110. +n limited circumstances circumstances forei'n nationals nationals ma% access information caveated Australian overnment Access 9nl% AA9". AA9 is used b% the epartment of efence$ AS+S and AS+9. &hese a'encies ma% pass information mar=ed with the AA9 caveat to appropriatel% cleared representatives of forei'n 'overnments. 111. AA9 AA9 material received received in other a'encies a'encies is to be handled as if it were mar=ed A*S&9. 112. #or #or further further details details see 8n"ormation security management guidelines@ Australian /o!ernment security classi6cation classi6cation system. system.
.ligibility wai"ers /citi0enship and checkable background* an!atory e+uirements P&S&C ( (efore issuin' an eli'ibilit% waiver citiEenship or chec=able bac='round" and prior to re/uestin' an Australian overnment securit% clearance an a'enc% must •
Iustif% an e?ceptional e?ceptional business re/uirement re/uirement
•
conduct and document a ris= assessment
•
de
•
'ain a'reement from the clearance applicant to meet the conditions of the waiver$ and
113. 113. A'enci A'encies es are to include details in their annual >S># compliance report statin' numbers and levels of securit% clearances 'ranted subIect to •
citiEenship waivers$ and
•
unchec=able bac='round waivers.
114. 9nl% Australian citiEens citiEens with a chec=able chec=able bac='round are eli'ible for an Australian overnment securit% clearance$ unless these eli'ibilit% re/uirements have been waived b% the sponsorin' a'enc% head. A'enc% -eads need to be aware that 'rantin' an eli'ibilit% waiver$ does not 'uarantee that a clearance will be 'ranted b% the vettin' a'enc%. a'enc%.
23
116. Sponsorin' Sponsorin' a'encies a'encies are to con
.ligibility wai"ers 11:. An a'enc% head ma%$ under certain conditions waive the the citiEenship or chec=able bac='round re/uirements for a person to be eli'ible for a securit% clearance. 11G. An a'enc% heads decision to waive an eli'ibilit% re/uirement is to be based on a thorou'h anal%sis of the ris=s to the Australian overnment and the possible impact on the 7ational +nterest. #or further information see 'ersonnel security guidelines@Agency personnel security responsi)ilities. responsi)ilities. 11D. A'enc% heads need need to be aware aware of the inherent inherent ris=s posed from a malicious trusted insider when 'rantin' eli'ibilit% waivers. An% decision to 'rant a waiver needs to be assessed a'ainst and lin=ed to the a'enc%s ris=s. A'enc% heads need to be aware that b% 'rantin' a waiver$ the% are ta=in' on a ris= that ma% be detrimental to the Australian overnment. +f the documents supportin' the waiver do not full% detail the ris=s to the 7ational +nterest$ miti'ations and an% residual ris=s$ the vettin' a'enc% ma% reIect the re/uest for securit% clearance. 11@. &he vettin' vettin' a'enc% a'enc% is to record$ or place$ the waiver on the clearance subIects >ersonal Securit% #ile. 120. An eli'ibilit% waiver is rolespeci
Non-Australian citi0ens 123. 123. An a'enc% a'enc% is to onl% 'rant an eli'ibilit% citiEenship" waiver where •
•
it has been identi
124. >ermanent >ermanent residen residence ce status is not an acceptable alternative to the citiEenship re/uirement. 126. &he vettin' a'enc% a'enc% ma% decline the re/uest for clearance if$ notwithstandin' the citiEenship waiver$ other minimum chec=s are unable to be made$ or standards met. +t ma% not be possible for the vettin' a'enc% to conduct the
24
re/uired chec=s overseas or$ if chec=s can be conducted$ to have con
ncheckable backgrounds 12G. A chec=able bac='round bac='round is established when a vettin' a'enc% has validated validated information provided b% a clearance subIect with respect to their bac='round from independent and reliable sources. 12D. A clearance subIect has has an unchec=able unchec=able bac='round when the vettin' a'enc% cannot complete the minimum chec=s and in/uiries for the relevant chec=in' period$ or the chec=s and in/uiries$ where able to be made$ do not provide ade/uate assurance about the clearance subIects life or bac='round. +n these circumstances$ the vettin' a'enc% ma% decline the re/uest for a clearance. 12@. An% clearance subIect that has spent 'reater than 12 months cumulative" out of Australia within the re/uisite bac='round chec=in' period is to be considered to have an unchec=able bac='round if their periods of time out of Australia cannot be veri
'onditions #or clearances sub2ect to an eligibility wai"er 132. Clearances Clearances 'ranted 'ranted with eli'ibilit% eli'ibilit% waivers are to be subIect to strict conditions. &hese ma% include conditions such as but not limited limi ted to •
the continuation of the eli'ibilit% waiver bein' conditional on the applicant ta=in' Australian citiEenship as soon as the% are eli'ible where the subIect has indicated the% are activel% see=in' citiEenship or do not have a valid reason not to see= citiEenship
26
•
•
•
the a'enc% not allowin' nonAustralian citiEens 'ranted a waiver access to J%es 9nl% information unless it includes the persons countr% of citiEenship and the% have a need to =now the a'enc% not 'rantin' access to securit% classi
133. Sponsorin' Sponsorin' a'encies a'encies are to ensure a person subIect to a waiver follow an% conditions placed on the clearance. Sponsorin' a'encies are to advise vettin' a'encies of an% noncompliance with conditions of the waiver. waiver. 134. &he vettin' vettin' a'enc% a'enc% is to cease a clearance where the clearance subIect does not adhere to the conditions of the waiver. waiver. 136. &he sponso sponsorin' rin' a'enc% a'enc% is to reassess the waiver and advise the vettin' a'enc% if the clearance subIect chan'es duties.
Locally engaged sta3 13:. !ocall% en'a'ed staF who are are not Australian citiEens$ ma% be 'ranted a Jdiplomatic mission clearance. Jiplomatic mission clearances are reco'nised as clearances within the mission the% are 'ranted$ the% are role speci
•
the preferred person for a position re/uirin' a securit% clearance is not an Australian citiEen$ and the a'enc% understands and a'rees to mana'e the ris=.
State or Territory go"ernment security clearances 13@. &he Australian overnment reco'nises reco'nises securit% clearances up to 7e'ative Vettin' 2 issued i ssued b% the States and &erritories if the clearance is underta=en for their own personnel and has been bee n processed in accordance with the Australian the Australian /o!ernment 'ersonnel $ecurity 'rotocol and 'rotocol and supportin' 'uidelines. State and &erritor% &erritor% clearances ma% be transferred transferred between other State and &erritor% a'encies and the Commonwealth. &his is in accordance with the (emorandum o" nderstanding on the 'rotection o" National $ecurity 8n"ormation )etween the %ommonwealth and $tates and erritories erritories *2&,. *2&, . 2:
&he Australian $ecurity 8ntelligence 9rganisation 9rganisation Act 1& Cth" ote &he Australian restricts AS+9 from passin' Securit% Assessments directl% to the States and &erritories. &erritories. 8e/uests 8e/uests b% the States and &erritories for AS+9 Securit% Assessments are facilitated throu'h the Attorne% enerals epartment or the sponsorin' Commonwealth a'enc%.
2G
7. Tempo empora rary ry acce access ss to clas classi si,e ,e! ! information arran"ements an!atory e+uirements P&S&C % A'encies must ensure their personnel with on'oin' access to Australian overnment securit% classi$ 8$9 31?2 and the Australian the Australian $tandards B 1#&?2# $ecurity risk management. 140. &emporar% access allows limited$ supervised access access to securit% classi
Temporary access conditions c onditions 143. 143. A'enci A'encies es are not to use temporar% access provisions for routine business needs or as a substitute for sound personnel mana'ement for temporar% access provisions for B9>S personnel see section &.2". &.2". 144. 144. A'enci A'encies es are to base an% decision to approve temporar% access on a documented ris= assessment. A'encies shoul! consider an% e?istin' miti'atin' factors as part of the ris= assessmentPe.'. holdin' a securit% clearance at a lower level$ emplo%ment screenin' or an% a'enc% specirior to 'rantin' temporar% access the sponsorin' a'enc% is to con
14@. &he sponso sponsorin' rin' a'enc% a'enc% is to withdraw temporar% access to securit% classi
•
&9> SC8& classi
161. &emporar% access to &9> SC8& resources where where the person does not hold a 7e'ative Vettin' Vettin' !evel 1 clearance"$ or caveat$ compartmented or codeword material ma% onl% be 'iven after a polic% e?ception is approved b% the a'enc% head. A'encies shoul! see= a'reement from the information inf ormation owners and compartment controllers$ prior to 'rantin' temporar% access to &9> SC8& resources. 162. Sponsorin' Sponsorin' a'encies a'encies are to advise the vettin' a'enc% of an% temporar% access approved. &he vettin' a'enc% is to record the access on the clearance subIects >S# andHor securit% records database.
Types o# temporary access 163. &here are are two t%pes of temporar% access access arran'ements i.
short term access 5allows an emplo%ee access to Australian overnment classi
ii.
provisional provisional access 5 access to Australian overnment classi
2@
Table 3 ; Summary of temporary access re+uirements
Perio! of access
Classi,e! esources allo>e!
e+uirements0
Short term access
Provisional access
Ba?imum of 3 months in one calendar %ear 2
*ntil clearance 'ranted or denied$ or suitabilit% concerns are identi
&S SC+
&S1
S2$ C2
>
&S SC+
•
documented ris= assessment
•
A'enc% head written approval
•
• •
S2$ C2
>
&he person and their mana'er have si'ned an underta=in' underta=in' to protect ocial resources resources Securit% brie
7HA
•
•
is# miti"ations may inclu!e0
&S 1
•
mplo%ment screenin'
•
A'enc% speci
•
Clearance at a lower level
•
Onowled'e of personal histor%
Complete pac= with vettin' a'enc% Vettin' a'enc% advised there are no obvious suitabilit% concerns
&S 5 &9> SC8&K S 5 SC8&K C 5 C97#+7&+A!K > 5 >89&C&" otes0 1. 9nl% allowed allowed in e?ceptio e?ceptional nal circumst circumstances ances with with an e?istin' e?istin' 7V1 clearan clearance ce and a'enc% a'enc% head approval for temporar% access provisions for B9>S personnel see section &.2". &.2". 2. 9nl% 9nl% allowed allowed in e?cep e?ceptio tional nal circum circumsta stance nces s
Short term access 164. Short term access access to Australian overnment securit% classi
•
a continuous period of three months$ or an a''re'ation of shorter periods of no more than three months in one calendar %ear.
166. Short term access access to >89&C& can be based on a business need. 16:. 16:. A'enci A'encies es are to onl% approve short term access to C97#+7&+A! or SC8& classi
the e?ception is critical to the a'enc% meetin' its i ts outcomes$ and
•
the ris=s to the a'enc% can be miti'ated or mana'ed.
16G. 16G. A'enci A'encies es are to onl% approve short term access to &9> SC8& classi
the person re/uirin' access holds a 7e'ative Vettin' !evel 1 clearance 30
•
the e?ception is critical to the a'enc% meetin' its i ts outcomes$ and
•
the ris=s to an% aFected a'enc% can be miti'ated or mana'ed.
Pro"isional access 16D. Sponsorin' a'encies ma% approve provisional provisional access for up to SC8& securit% classi SC8& classi
the person re/uirin' access holds a 7e'ative Vettin' !evel 1 clearance
•
the e?ception is critical to the a'enc% meetin' its i ts outcomes$ and
•
the ris=s to an% aFected a'enc% can be miti'ated or mana'ed.
1:0. (efore 'rantin' provisional access$ sponsorin' sponsorin' a'encies are to con
•
the clearance applicant has submitted a completed clearance pac= and re/uired documents$ and there are no readil% identi
1:1. A'encies ma% approve approve provisional access access until the clearance process is complete. A'encies ma% chan'e the t%pe of temporar% access from short term to provisional once the vettin' a'enc% has con
Temporary access #or ),PS Act sta3 1:2. +t is reasonable reasonable to e?pect that some staF staF emplo%ed b% an Australian overnment Binister under the B9>S Act will re/uire temporar% access. &his is particularl% relevant followin' an% chan'e of overnment. 1:3. B9>S Act StaF ma% be 'iven temporar% access to &9> SC8& information$ where there is a need to =now$ without the re/uirement to hold a 7e'ative Vettin' !evel 1 clearance$ subIect to •
a detailed ris= assessment
•
consultation with the information ori'inators$ and
•
the ris=s to an% aFected a'enc% can be miti'ated or mana'ed.
1:4. 1:4. B9>s B9>s S StaF taF are not to be 'iven temporar% access to sensitive compartmented$ codeword or caveat information 1:6. A Binisters Binisters >ortfolio >ortfolio epartment epartment shoul! approve short term access for new B9>S Act staF for the epartments Binister until their securit% clearances are 'ranted unless advised to withdraw the access due to concerns includin' non compliance with the clearance process.
31
1::. &he vettin' vettin' a'enc% a'enc% is to notif% the >ortfolio epartment and the epartment of #inance #inance of an% concerns or noncompliance with the securit% clearance process. 1:G. &he epartment epartment of of #inance #inance is to advise >ortfolio epartments of an% Binisterial staF whose clearance process has been cancelled for non compliance with the securit% clearance process. 1:D. &he >ortfol >ortfolio io epartment epartment is to withdraw an% temporar% access to securit% classiS staF whose clearance process has been cancelled. #or more information see Section #.1 - %ooperation in the clearance process
32
-. etti ettin" n" a"en a"ency cy resp respon onsi sibi bili liti ties es an!atory e+uirements P&S&C * A'encies other than authorised vettin' a'encies must use the Australian overnment Securit% Vettin' Vettin' A'enc% to conduct initial vettin' and reviews. P&S&C - Sponsorin' and vettin' a'encies must share information that ma% i mpact on an individuals on'oin' suitabilit% to hold a securit% clearance.
Authority to ma#e clearance !ecisions 1:@. 9nl% vettin' a'encies are authorised authorised to ma=e ma=e clearance decisions.
'on%rming eligibility #or a security clearance 1G0. Vettin' a'encies a'encies are to con
Assessin" Suitability 1G4. Vettin' a'encies a'encies are to •
•
•
•
•
conduct all minimum mandator% chec=s$ as detailed in a) a)lle 4$ and an% appropriate supplementar% chec=s$ and collect all relevant$ reliable and independentl% veri
33
1G6. Vettin' a'encies a'encies shoul! consider an% information the% become aware of$ that is relevant to suitabilit%$ even if the matters falls outside of the minimum chec=in' period. 1G:. &he vettin' vettin' a'enc% a'enc% is to den% a securit% clearance where whe re an% reasonable doubts about the clearance subIects suitabilit% that cannot be resolved. 8easonable 8easonable doubt e?ists when concerns re'ardin' the suitabilit% of a clearance subIect remain after all minimum and an% supplementar% chec=s are completed.
Supplementary checks and in!uiries 1GG. Vettin' a'encies a'encies are to conduct appropriate supplementar% chec=s and in/uiries if the minimum chec=s are insucient to clearl% establish the clearance subIects suitabilit% or unsuitabilit%. unsuitabilit%. #or further details on supplementar% chec=s see 'ersonnel security guidelines@7 guidelines@7etting etting practices. practices .
)itigation 1GD. Lhere the bac='round assessment$ assessment$ includin' supplementar% supplementar% chec=s$ identi
4etting agency consultation with sponsoring agencies 1G@. Vettin' a'encies a'encies are to advise sponsorin' a'encies of an% information provided as part of the vettin' process or on'oin' clearance maintenance that ma% impact on a persons suitabilit% to access Australian overnment resources or where ris= miti'ation measures are re/uired. 1D0. Vettin' a'encies a'encies are to consult with sponsorin' a'encies before 'rantin' a securit% clearance that imposes additional clearance maintenance conditions. 1D1. +f miti'ation is not satis
4etting decisions 1D2. Vettin' a'encies a'encies are to base all vettin' on an assessment of the whole person PSee the AdIudicative uidelines. 1D3. &he vettin' vettin' a'enc% a'enc% is to advise the clearance subIect and sponsorin' a'enc% in writin' of the decision to 'rant includin' an% ris= miti'ations$ den%$ deem ineli'ible or cancel a securit% clearance and an% conditions imposed.
34
Failure to comply with the clearance process 1D4. &he vettin' vettin' a'enc% a'enc% is to cancel a clearance process and notif% the sponsorin' a'enc% where a clearance holder does not compl% with the clearance process re/uirements.
36
Personnel security checks #or initial clearances Table % ; inimum personnel security chec#s an! re+uirements for initial clearances1 Postive ettin"
1. >s%cholo'ical assessment
2. e"ative ettin" 2
#inancial probit% chec=
e"ative ettin" 1
Securit% interview
Securit% interview
i'ital footprint chec=s
i'ital footprint chec=s
i'ital footprint chec=s
3. 4. 6. 3
#inancial #inancial statement
3
#inancial #inancial statement
#inancial statement 3 and supportin' documents
:. Suitabilit% screenin' /uestionnaire
G.
Suitabilit% screenin' /uestionnaire
AS+9 assessment
=aseline ettin" Muali
2
AS+9 assessment
Muali
>rofessional referee chec=
>olice 8ecords Chec= 7o ?clusion" 6 #inancial #inancial histor% chec=D
4
Suitabilit% screenin' /uestionnaire
2
AS+9 assessment
Muali
2
Muali
8eferee chec=s includin' 1 professional" 4
8eferee chec=s includin' 1 professional and 1 un nominated" 4
8eferee chec=s includin' 1 professional and 1 un nominated" 4
>olice 8ecords Chec= #ull ?clusion" 6
>olice 8ecords Chec= #ull ?clusion" 6
>olice 8ecords Chec= #ull ?clusion"
#inancial histor% chec=
#inancial histor% chec=
10 %ear bac='round chec=
9cial se secrets de declaration
9cial se secrets de declaration
9cial se secrets de declaration
9cial se secrets de declaration
Statutor% eclaration
Statutor% eclaration
Statutor% eclaration
Statutor% eclaration
6 %ear bac='round chec=
+dentit% veri
:
+dentit% veri
:
:
#inancial histor% chec=
:
10 %ear bac='round chec=
+dentit% veri
:
:
Lhole of life bac='round chec=
+dentit% veri
G
:
otes0 1. 2. 3. 4.
Suitabilit% is assessed a'ainst the criteria contained in the AnneD E of the 'ersonnel security guidelines - 7etting practices Mualirofessional chec=s are to cover at least the precedin' 3 months. Additional referees ma% be re/uired.
3:
5. #.
&. .
&he application application of spent convictions convictions le'islation le'islation will var% dependent dependent on the the Iurisdiction in which the the oFence occurred. occurred. +dentit% chec=ed in accordance accordance with the Australian +dentit% >rooV". +n addition to documentation to con
3G
5. #.
&. .
&he application application of spent convictions convictions le'islation le'islation will var% dependent dependent on the the Iurisdiction in which the the oFence occurred. occurred. +dentit% chec=ed in accordance accordance with the Australian +dentit% >rooV". +n addition to documentation to con
3G
1D6. &able 4 shows the hierarch% of chec=s and processes that reects reects the level of assurance re/uired for each level of securit% clearance.
Statutory declaration 1D:. Clearance Clearance subIects subIects are to si'n a Statutor% eclaration made under the $tatutory $tatutor y Ceclaration Cecl arations s Act 15 1 5 Cth" Cth" that that con
•
•
the% have provided complete and truthful information to the vettin' a'enc% the% have not altered the ori'inal documents or the copies provided to the vettin' a'enc%$ and the ori'inal documents relate speci
1DG. #or further further information on the re/uirements re/uirements see $tatutor $tatutory y Ceclar Ceclarations ations..
ASI, Security Assessment 1DD. ither the Commonwealth vettin' a'enc%$ or the Commonwealth facilitatin' a'enc% for State and &erritor% assessments$ is to obtain an AS+9 Securit% Assessment for all 7V and >V clearance subIects. &he onl% e?ception is where the vettin' a'enc% has alread% assessed that the person would be unsuitable for a securit% clearance re'ardless of an% assessment AS+9 mi 'ht ma=e. #or further information see 'ersonnel security guidelines@7 guidelines@7etting etting practices.
1D6. &able 4 shows the hierarch% of chec=s and processes that reects reects the level of assurance re/uired for each level of securit% clearance.
Statutory declaration 1D:. Clearance Clearance subIects subIects are to si'n a Statutor% eclaration made under the $tatutory $tatutor y Ceclaration Cecl arations s Act 15 1 5 Cth" Cth" that that con
•
•
the% have provided complete and truthful information to the vettin' a'enc% the% have not altered the ori'inal documents or the copies provided to the vettin' a'enc%$ and the ori'inal documents relate speci
1DG. #or further further information on the re/uirements re/uirements see $tatutor $tatutory y Ceclar Ceclarations ations..
ASI, Security Assessment 1DD. ither the Commonwealth vettin' a'enc%$ or the Commonwealth facilitatin' a'enc% for State and &erritor% assessments$ is to obtain an AS+9 Securit% Assessment for all 7V and >V clearance subIects. &he onl% e?ception is where the vettin' a'enc% has alread% assessed that the person would be unsuitable for a securit% clearance re'ardless of an% assessment AS+9 mi 'ht ma=e. #or further information see 'ersonnel security guidelines@7 guidelines@7etting etting practices. 1D@. Vettin' a'encies a'encies are to provide AS+9 with the details of an% securit% concerns about the clearance subIect.
$e"iews o# security clearances 1@0. Vettin' a'encies a'encies are to underta=e •
•
periodic revalidations of securit% clearances$ and reviews for cause for all clearances where concerns about a clearance holders suitabilit% to hold a clearance are identi
1@1. &he vettin' vettin' a'enc% a'enc% is to advise the clearance subIects sponsorin' a'enc% of an% reviewHinvesti'ation bein' underta=en b% the vettin' a'enc%$ to allow the sponsorin' a'enc% to assess whether to den% access pendin' the outcome of the review.
Periodic $e"alidations 1@2. Vettin' a'encies a'encies are to periodicall% initiate revalidations of all (aseline$ 7e'ative and >ositive Vettin' securit% clearances. 1@3. &he re/uirements re/uirements for the revalidation revalidation of securit% clearances are listed in a)le 5. &he table shows the hierarch% of chec=s and processes that reect the level
3D
of assurance re/uired for each level of securit% clearance. Vettin' Vettin' a'encies are to underta=e additional chec=s to resolve concerns on a caseb%case basis.
Table (0 Summary of minimum revali!ation re+uirements =aseline
e"ative vettin" level 1
&o &o be underta=en b% &o &o be underta=en b% vettin' a'encies at vettin' a'encies at least ever% 16 least ever% 10 %ears. %ears.
e"ative vettin" level 2 &o &o be underta=en b% vettin' a'encies at least ever% 6 %ears.
Positive vettin" &o &o be underta=en b% vettin' a'encies at least ever% 6 %ears.
*pdated personal particulars coverin' period since previous vettin'
*pdated personal particulars coverin' period since previous vettin'
*pdated personal particulars coverin' period since previous vettin'
*pdated personal particulars coverin' period since previous vettin'
>olice records chec= 7o e?clusion"
>olice records chec= #ull e?clusion"
>olice records chec= #ull e?clusion"
>olice records chec= #ull e?clusion"
#inancial histor% chec=
#inancial histor% chec=
#inancial histor% chec=
#inancial histor% chec=
1 professional referee chec=
1 professional referee chec=
2 referee chec=s 5 includin' 1 professional and 1 unnominated"
3 8eferee chec=s includin' 1 professional and 1 unnominated"
AS+9 chec=
AS+9 chec=
AS+9 chec=
#inancial st statement
#inancial st sta atement
#inancial st sta atement and supportin' documents
+nterview
+nterview
1@4. 1@6.
1@:. 1@G.
>s%cholo'ical assessment
$e"iews #or cause 1@D. A review for cause ma% be initiated whenever a securit% securit% concern re'ardin' re'ardin' a clearance subIect arises. 1@@. *pon receipt of information raisin' concerns concerns about the the suitabilit% of a clearances holder$ vettin' a'encies are to assess if a review for cause is warranted. 200. >rior to initiatin' a review for cause the vettin' a'enc% is to advise the sponsorin' a'enc% and interested parties for contractors". +f the sponsorin' a'enc% or interested parties for contractors" advises of an% on'oin' investi'ation that mi'ht be compromised b% the review for cause the vettin' a'enc% shoul! not commence the review until the investi'ation is complete. 201. Vettin' a'encies a'encies shoul! advise the clearance subIect prior to startin' an% reviews for cause$ and the reasons for the review. review. 202. Sponsorin' Sponsorin' a'encies a'encies shoul! advise the clearance subIect of their responsibilit% to compl% with the review for cause process.
3@
203. Vettin' a'encies a'encies are to underta=e an% chec=s re/uired to resolve the concerns" that led to the initiation of the review for cause. &his ma% include •
tar'eted chec=s to resolve an issue$ or
•
a full revalidation if the concerns are wide ran'in'.
204. Vettin' a'encies a'encies are to advise both the clearance subIect and the sponsorin' a'enc% includin' interested parties for contractors" of the review f or cause outcome.
Ad"erse Ad"erse %ndings 206. ecisions and actions actions ta=en durin' a securit% clearance could be subIect subIect to Iudicial review. review. Vettin' Vettin' a'encies will need to demonstrate that the% have met the re/uirements of procedural fairness. #or further information see section :.2 of the 'ersonnel security guidelines ; 7etting practices. practices. 20:. Lhere a decision decision is made to to den% a clearance$ clearance$ the vettin' a'enc% a'enc% is to inform the clearance subIect of the procedures for see=in' a review of the decision. 20G. &he vettin' vettin' a'enc% a'enc% is to also advise the sponsorin' a'enc% of the decision to den% the clearance. 20D. Vettin' a'encies a'encies are to report an% denial of 7V and >V securit% clearances$ includin' an% e?clusion periods$ to AS+9.
ASI,-initiated re"iew re"iew o# ASI, Security Security Assessment Assessment 20@. AS+9 ma% provide provide preliminar% advice advice to a Commonwealth a'enc% a'enc% re'ardin' the subIect of an AS+9 securit% assessment pendin' the issuin' of a new AS+9 securit% assessment. 210. 210. Sectio Section n 3@ of the A$89 the A$89 Act permits Act permits Commonwealth a'encies to ta=e appropriate action such as suspendin' a persons securit% clearance and preventin' on'oin' access to classi
$e"iews o# security clearance processes and outcomes 212. Vettin' a'encies a'encies are to have procedures to resolve an% 'rievances and are to advise the clearance subIect of these procedures as part of the clearance process. 40
213. Vettin' a'encies a'encies are to resolve an% 'rievances raised b% the clearance subIect re'ardin' •
•
the securit% clearance process$ and the manner in which the vettin' a'enc% conducted the clearance$ or the decision made.
214. Vettin' a'encies a'encies are to advise the clearance subIect of these procedures as part of the clearance process.
$e"iew o# clearance decisions 216. Clearance subIects or sponsorin' sponsorin' a'encies ma% see= a review of an% securit% clearance decision. &he initial review is to be carried out b% the vettin' a'enc% responsible for den%in' or var%in' a clearance. 21:. An application b% a clearance subIect for a review does not chan'e the the ori'inal decision. A review ma% determine that the process was awed and a new process should be underta=en. 21G. Clearance subIects ma% also see= e?ternal e?ternal review. review. &he avenue for review will var%. Some e?amples are •
•
A>S emplo%ees ma% see= review throu'h the Australian >ublic Service Commissioner or the Commonwealth 9mbudsman$ and contractors ma% see= review throu'h the 9ce of the Commonwealth 9mbudsman.
21D. An% person ma% see= review throu'h throu'h the #ederal #ederal Court. 21@. &he dele'ate dele'ate for the purposes purposes of the review review shoul! be independent from the ori'inal decision de cision ma=er. ma=er. 220. 22 0. &he &he 'u)lic $er!ice :egula :egulations tions 1 1 Cth" provides 'uidance on review processes for A>S emplo%ees. 221. &he vettin' a'enc% and the clearance subIect subIect see=in' the the review are to co operate full% with the review process.
Trans#er o# Personal Security Files 222. Vettin' a'encies a'encies are to transfer >S#sPto the e?tent that their enablin' le'islation allowsPto the new vettin' a'enc% when a clearance holder transfers to another a'enc% covered b% a diFerent vettin' a'enc%. a'enc%. #or further information see 'ersonnel security guidelines@7etting practices. practices . 223. &he receivin' receivin' vettin' vettin' a'enc% a'enc% is to address an% anomalies within the incomin' clearance subIects >S# at the time of transfer. transfer. 224. Vettin' a'encies a'encies are to advise sponsorin' a'encies of an% concerns with the transferrin' clearance holder,s >S#. >S#. &he sponsorin' a'enc% can then ma=e a ris= based decision on continuin' access b% the clearance subIect to securit% 41
classi
$ecognition o# clearances 226. Vettin' a'encies a'encies are to reco'nise the securit% clearances 'ranted b% another vettin' a'enc%$ unless •
the clearance has e?ceeded its revalidation period
•
the clearance was 'ranted with an eli'ibilit% waiver$ or
•
the vettin' a'enc% has concerns that the incomin' clearance subIect is no lon'er suitable to access Australian overnment securit% classi
Acti"e and and inacti"e clearances clearances 22:. An active clearance is a securit% clearance that is sponsored sponsored b% an Australian overnment a'enc%$ and bein' maintained b% a clearance holder and sponsorin' a'enc%. 22G. An inactive clearance is a securit% clearance that is within the revalidation revalidation period$ however the clearance •
•
•
is not sponsored b% an Australian overnment A'enc% is not bein' maintained b% the clearance holder for a period 'reater than si? months due to lon' term absence from f rom their role$ and for the >ositive Vettin' level is unsponsoredK however$ an annual securit% chec= was completed within the last two %ears.
22D. Securit% clearances without sponsorship$ but still within the revalidation period$ are considered inactivePi.e. the clearance is not in use but has not been cancelled as a result of a review for cause. 22@. *pon noti
4etting sta3 training and !uali%cations 231. Vettin' a'encies a'encies are to use /uali
42
232. Vettin' a'encies a'encies are to0 •
•
provide appropriate initial and supplementar% trainin' to assessin' ocers$ and assess$ and periodicall% reassess$ the competenc% of assessin' ocers.
233. 23 3. See See the the 'ersonnel security guidelines - 7etting practices for practices for details of /uali
4etting agencies5 management o# outsourced "etting pro"iders 234. Vettin' a'encies a'encies are to ensure contractors en'a'ed in vettin' meet the re/uirements of the >S># and an% a'enc% speci
43
$. A"en A"ency cy resp respon onsi sibi bili liti ties es fo for r act activ ive e monitorin" of clearance hol!ers an!atory e+uirements P&S&C 70 A'encies must establish$ implement and maintain securit% clearance policies and procedures for clearance maintenance in their a'encies. P&S&C - A'encies and vettin' a'encies must share information that ma% impact on an individuals on'oin' suitabilit% to hold an Australian overnment securit% clearance. G) 1 A'encies must provide all staF$ includin' contractors$ with sucient information and securit% awareness trainin' to ensure the% are aware of$ and meet the re/uirements of the >S>#. 236. Clearance maintenance is a Ioint responsibilit% responsibilit% of vettin' a'encies$ a'encies$ sponsorin' a'encies and the individual clearance holder. &he purpose of clearance maintenance is to provide continuin' miti'ation to the ris= from the malicious trusted insider. insider. +t is an on'oin' process throu'hout the life of a securit% clearance. 23:. Vettin' a'encies are are responsible for the the periodic review of of clearance holders suitabilit% revalidations" and conductin' an% reviews for cause when speci
•
•
•
•
•
providin' securit% awareness trainin' and securit% clearance speci
23D. &hese responsibilities responsibilities are in addition addition to the controls controls identi
Security awareness training #or clearance holders 23@. 23@. A'enci A'encies es are to ensure that people who have access to Australian overnment securit% classi
•
•
advise clearance holders and their mana'ers of their da%toda% securit% responsibilities advise clearance holders and their mana'ers of their reportin' re/uirementsPfor e?ample
-
chan'es of circumstances$ and
-
suspicious$ on'oin'$ unusual or persistent contacts.
provide the clearance holder with a brie
241. A'encies ma% also need to coordinate coordinate additional trainin'H brie
)anaging speci%c clearance maintenance re!uirements 242. Some concerns identi
•
underta=e an% additional speci
244. Lhere compliance with with additional re/uirements re/uirements is not met b% the clearance subIect$ the vettin' a'enc% is to underta=e a review for cause into the clearance subIects on'oin' suitabilit%. suitabilit%. &he resultant action b% the vettin' a'enc% ma% be the variation or withdrawal of a securit% clearance.
Annual health health check 246. 246. A'enci A'encies es are to annuall% re/uire •
clearance holders to con
•
•
-
all chan'es of circumstances$ and
-
an% suspicious$ on'oin'$ unusual or persistent contacts
clearance holders to complete an% re/uired securit% awareness trainin'$ and mana'ers responsible for personnel to con
24:. 24:. A'enci A'encies es are to report an% securit% concerns the% have as to the on'oin' suitabilit% of their clearance subIects to their vettin' a'enc%. a'enc%. 24G. &he annual health chec= does not replace an a'enc%s a'enc%s on'oin' responsibilit% responsibilit% for their performance mana'ement includin' code of conduct investi'ations. •
#or further information on the annual health chec= see section 14.1 of the 'ersonnel security guidelines ; Agency personnel security responsi)ilities re sponsi)ilities..
Sharing o# in#ormation 24D. 24D. A'enci A'encies es are to provide vettin' a'encies with an% information about the suitabilit% of a person to hold a securit% clearance. &his includes but is not limited to •
ne'ative results of a'enc% speci
•
reportable chan'es of circumstances
•
suspicious$ on'oin'$ unusual or persistent contacts
•
incident and investi'ation results$ and
•
where a breach of the code of conduct has been established or a securit% violation proven or personnel mana'ement concerns that ma% call into /uestion the inte'rit% of the person.
24@. 24@. A'enci A'encies es shoul! not use the clearance review process to deal with personnel mana'ement problems e.'. underperformance". -owever$ if it is l i=el% that such concerns could aFect a persons suitabilit% to hold a clearance$ cle arance$ line mana'ers shoul! notif% their a'enc% securit% section who in turn ma% notif% the vettin' a'enc%. 260. Vettin' a'encies a'encies are to advise sponsorin' a'encies of an% suitabilit% concerns raised about clearance subIects and an% pendin' or active reviews for cause. +n such cases and based on a ris= assessment the sponsorin' a'enc% is to$ determine whether to limit or suspend the clearance subIects access to securit% classi
$eportable changes o# personal circumstances 261. 26 1. A'en A'enci cies es are to re/uire their clearance holders to advise the a'enc% securit% section of an% reportable chan'es in personal circumstances. #or #or further details on what is a reportable chan'e of circumstance see 'ersonnel security guidelines ; Agency personnel security responsi)ilities. responsi)ilities .
4:
262. 26 2. A'en A'enci cies es are to also re/uire a'enc% personnel to advise the a'enc% of chan'es in personal circumstances of other clearance holders if the% have concerns that ma% be relevant to a clearance holders suitabilit%. suitabilit%. 263. 263. &he a'enc% a'enc% is to then advise the vettin' a'enc% of an% noti
'ontact reporting under the Australian o"ernment 'ontact $eporting Scheme 264. 264. A'enci A'encies es are to re/uire their personnel to report suspicious$ on'oin'$ unusual or persistent contacts with forei'n ocials and other forei'n nationals to their a'enc% securit% section. 266. 266. A'enci A'encies es are to •
collect Contact 8eports from their personnel
•
ac=nowled'e receipt of all reports
•
assess the reports$ and
•
forward an% reports of suspicious$ on'oin'$ unusual or persistent nature to AS+9 5 Contact 8eportin'.
26:. #or #or further informa information tion see 'ersonnel security guidelines ; Agency personnel security responsi)ilities. responsi)ilities.
$eporting security incidents to "etting agencies and other appropriate agencies 26G. 26G. A'enci A'encies es are to advise the vettin' a'enc% of 0 •
•
an% securit% violations 4 attributed to particular securit% clearance holders as reasonabl% practicable$ and the results of an% investi'ations into securit% breaches attributed to particular securit% clearance holders and conduct or incidents that ma% indicate a disre'ard for securit% b% clearance holdersPe.'. multiple infrin'ements of a'enc% securit% policies.
26D. 26D. A'enci A'encies es are to consult with the Australian #ederal >olice A#>" andHor A#>" andHor the Australian Securit% +ntelli'ence 9r'anisation AS+9" in AS+9" in respect of investi'ations that ma% have potentiall% serious issues. 26@. 26@. A'enci A'encies es are to also advise securit% incidents to •
•
the irector$ Australian Si'nals irectorate for matters relatin' to the Australian overnment +nformation Securit% Banual +SB" the irectoreneral$ irectoreneral$ Australian Securit% +ntelli'ence 9r'anisation for matters relatin' to national securit%$ and
4
Securit% violation 5 a deliberate action that leads$ or could lead$ to the compromise of ocial resourcesK or an accidental failure that leads to the compromise of C97#+7&+A! or above material.
4G
•
the heads of an% a'encies whose people$ information or assets ma% be aFected.
2:0. 2:0. A'enci A'encies es are to withdraw all access to securit% classi
'hange o# sponsorship o# security clearances 2:6. Lhere clearance holders holders are movin' permanentl% from one a'enc% to another and re/uire a securit% clearance for their new role$ the 'ainin' a'enc% is to re/uest a transfer of the clearance sponsorship. 9nce transferred$ the 'ainin' a'enc% has on'oin' responsibilit% for the clearance maintenance. 2::. ainin' ainin' a'encies a'encies are to onl% sponsor clearances at the level re/uired for the position the person will be occup%in'Pe.'. the 'ainin' a'enc% will onl% sponsor an 7V1 clearance for an e?istin' 7V2 holder who moves to a position re/uirin' an 7V1 clearance. 2:G. 2:G. A'enci A'encies es shoul! advise the chan'e of a'enc% to the vettin' a'enc%. a'enc%.
Personnel on temporary trans#er or secondment 2:D. 2:D. A'enci A'encies es shoul!< in consultation with the persons pe rsons home a'enc%$ ma=e a determination of whether the clearance sponsorship should sta% with the home a'enc% or be transferred for the duration of the transfer or secondment. 2:@. Lhere temporar% personnel personnel have been 'ranted a securit% clearance b% a State or &erritor% &erritor% in accordance with the >S>#$ the clearance is to be reco'nised b% the 'ainin' a'enc% for the period of the transfer or secondment. A'encies should re/uest con
6
Securit% breaches 5 an ac cidental or unintentional failure to observe the re/uirements for handlin' ocial resources involvin' material classi89&C&
4D
'learance maintenance #or personnel on secondment or temporary assignment 2G0. 2G0. A'enci A'encies es are to a'ree on the clearance maintenance arran'ements before a secondment or temporar% assi'nment commences. 2G1. +rrespective +rrespective of the a'reed clearance maintenance arran'ements$ a'encies are to advise of an% identi
Personnel on etended lea"e 2G2. 2G2. A'enci A'encies es are to have procedures to notif% their a'enc% securit% staF of personnel plannin' to 'o on e?tended leave. &he period will depend on the a'enc%s ris= pro
'learance maintenance #or contractors 2G4. &here are are additional ris=s for the the on'oin' maintenance and mana'ement of securit% clearances for contractors. 2G6. +n addition addition to provisions provisions outlined outlined in $e $ecti ction on - Agency responsi)ilities "or acti!e monitoring o" clearance holders$ holders$ contracts are to contain clearance maintenance provisions includin' •
•
•
arran'ements for dealin' with an% reportable chan'es in circumstances and the reportin' and investi'ation of securit% incidents or breaches the re/uirement for contract staF to protect the a'enc%s information and assets$ and on'oin' securit% awareness trainin' that includes the contractin' compan%s responsibilit% to re/uire contracted staF to
-
protect the a'enc%s assets and information i nformation
-
report chan'es in personal circumstances$ and
-
report suspicious$ on'oin'$ unusual or persistent contacts.
2G:. 2G:. &he a'enc% a'enc% shoul! re/uire the contractin' compan% to inform the a'enc% if i f an individual emplo%ed b% the compan% isHhas •
emplo%ed on other concurrent contracts with other a'encies or 'overnments$ so that all aFected a'encies can be advised of an% securit% concerns and can identif% an% conicts of interest
•
emplo%ed on an% new contracts
•
been e?pelled from an accreditin' bod%
•
been arrested or is under'oin' disciplinar% proceedin's 4@
•
subIect to law enforcement action or criminal le'al proceedin's$ or
•
been dismissed$ has resi'ned or is on lon' term leave.
2GG. 2GG. &he a'enc% a'enc% shoul! include in the contract •
•
an% standards of behaviour which it also e?pects emplo%ees to observe relatin' to code of conduct and the application of protective securit% measures$ and provisions for revo=in' ph%sical and +C& access upon a contracted staF members e?it from the compan%.
2GD. #or further advice on protective protective securit% in contractin' see /o!ernance see /o!ernance arrangements ; %ontracting and %ontracting and the Centre for >rotection of 7ational +nfrastructure *O" publication Jhe J he secure procurement o" contracting sta+ - a good practice pract ice guide guid e "or the oil and an d gas industry industr y .
'learance sponsorship o# contractors that are no longer acti"ely engaged by an agency 2G@. 2G@. !ead !ead a'encie a'encies s are to advise vettin' a'encies that securit% clearance sponsorship has been withdrawn for contractors when the% are no lon'er activel% en'a'ed b% that a'enc%. 2D0. Vettin' a'encies a'encies are to notif% an% interested parties other a'encies" that the lead a'enc% has withdrawn w ithdrawn sponsorship for the contractor. contractor. +f the interested part% re/uires the contractor to hold a securit% clearance$ the% wi ll need to ta=e on sponsorship of that contractor. contractor. &his includes the responsibilities for clearance maintenance. #or further information see $ection 1.1. 1.1.
60
1'. A"ency A"ency separatio separation n actions actions an!atory e+uirement P&S&C $0 A'encies must have separation policies and procedures for departin' clearance holders$ which includes a re/uirement to •
•
inform vettin' a'encies when a clearance holder leaves a'enc% emplo%ment or contract en'a'ement$ and advise vettin' a'encies of an% securit% concerns.
Prior to separation 2D1. >rior to a clearance holders separation separation an a'enc% is to •
•
•
debrief separatin' personnel who have access to
-
Australian overnment classi
-
codeword information and advise the a'enc% providin' the codeword information"$ andHor
-
caveat information.
remind the clearance holder of their continuin' personal obli'ations under the Crimes Act$ Criminal Code and other relevant le'islation$ and obtain formal ac=nowled'ement of that continuin' obli'ation.
2D2. 2D2. A'enci A'encies es are to report an% securit% concerns noncompliance with the separation procedures" about departin' clearance holders to the vettin' a'enc% and AS+9 Securit% as deS# where it will be reviewed prior to consideration of an% new vettin' action. 2D4. +f departin' clearance holders holders do not cooperate cooperate with these procedures procedures or are are otherwise assessed to pose a ris= to securit%$ the a'enc% is to underta=e a ris= assessment and implement miti'ations.
,n separation 2D6. 9n separation separation of a clearance clearance holder$ holder$ an a'enc% is to advise the the vettin' vettin' a'enc% •
•
that the clearance holder has left$ and of the details$ if =nown$ of an% other a'enc% or contracted service provider the clearance holder is transferrin' to
61
2D:. 2D:. A'enci A'encies es are to forward a cop% of a si'ned reco'nition of continuin' obli'ation to the vettin' a'enc%. 2DG. Lhere emplo%ees leave before these actions have been been completed$ the a'enc% securit% advisor is to review the circumstances to ascertain whether there are an% securit% related concerns. 2DD. 2DD. &he a'enc% a'enc% is to report an% such concerns to the vettin' a'enc% and AS+9.
Separation o# contractors 2D@. Sponsorship of a contractor clearance ceases when when the contractor contractor no lon'er has a business relationship with the sponsorin' a'enc%. a'enc%. 2@0. 2@0. An a'enc% a'enc% shoul! include in their contracts an obli'ation on the contractin' compan% to advise the a'enc% when the contractors staF or subcontractors with sponsored clearances have ceased to wor= on the a'enc%s contract. 2@1. 2@1. A'enci A'encies es are to advise the vettin' a'enc% when a sponsored contractor no lon'er re/uires a securit% clearance to access the a'enc%s securit% classi
62
Anne/ A0 e+uest for variation of Special inister of States 4etermination 2'1251 for a inisters &lectorate &lectorate )6cer 2@3. *nder etermination 2012H1$ a Binisters Chief of StaF ma% re/uest re/uest a variation of the securit% clearance re/uirement from the Secretar% of the Attorne% enerals epartment where •
•
the person is an electorate ocer the electorate ocer is not re/uired to access$ and will not come into contact with$ securit% classi
-
above >89&C& for electorate ocers emplo%ed b% a 7ational Securit% Committee of Cabinet 7SC" Binister$ or
-
above SC8& for electorate ocers emplo%ed b% a non7SC Binister.
2@4. &he Secretar%$ Attorne%enerals Attorne%enerals epartment will approve the the re/uest to to var% the re/uirement for a 7e'ative Vettin' !evel !evel 2 securit% clearance followin' a recommendation b% the >ortfolio epartment that con89&C& or SC8& as appropriate see above". 2@6. &he followin' securit% securit% clearance levels levels are to appl% appl% •
•
7e'ative Vettin' !evel 2
-
electorate ocers for 7SC Binisters who access securit% classi89&C&$ and
-
electorate ocers for Binisters who are not members of the 7SC$ and who access securit% classi SC8&.
7e'ative Vettin' !evel 1
-
•
electorate ocers for Binisters who are not members of the 7SC$ and who access securit% classi
(aseline
-
electorate ocers who access ocial information inf ormation and securit% classi89&C&.
63
e+uest for variation of Special inister of States 4etermination 2'1251 for a inisters &lectorate )6cer All staF emplo%ed b% Binisters$ includin' >arliamentar% Secretaries$ emplo%ed under >art +++ of the (em)ers o" 'arliament *$ta+, Act 14 are 14 are re/uired to be securit% cleared to 7e'ative Vettin' !evel 2 unless the staF member - is an electorate ocer$ and - does not re/uire access to$ and will not be e?posed to$ securit% classiortfolio >ortfolio epartment endorsed endorsed the re/uest for variation$ variation$ A7 •
•
•
Binisters Chief of StaF re/uest for variation 7ame of electorate ocer + certif% that
inisters name is an electorate ocerBfor
and is not re/uired to access$ and will not come into contact with$ &9> SC8& securit% classi
H
9or>ar! re+uest to the A"ency Security A!viser of the Portfolio 4epartment >ortfolio epartment endorsement of re/uest 7ame of >ortfolio epartment + endorse the re/uest to var% the re/uirement for a 7e'ative Vettin' !evel 2 securit% clearance for the above mentioned electorate ocer ocer. + con SC8& material$ and ma% have access to or come i n contact with securit% classi
At or below >89&C&
A& C97#+7&+A! 98 SC8&
&ic= whichever is applicable"
7ame and position of endorsin' ocer
Si'nature
ate
H Sen! to0 Protective Security Policy =ranch< Attorney@Generals 4epartment<3@( ational Circuit< =AT) ACT 2*''
Approval of re+uest As the dele'ate for Secretar%$ Attorne%enerals epartment$ + var% the re/uirement for the above mentioned electorate ocer to be securit% cleared to 7e'ative Vettin' !evel 2$ subIect to them under'oin' (aseline 7e'ative Vettin' !evel 1 Varia riatio tion no not a roved oved 7e 7e ative tive Vett ettin !evel evel 2 re re uir uired ate
Si'nature
H
7ame and position of approvin' ocer
H
Sen! to0 inisterial an! Parliamentary Parliamentary Services< 4epartment of 9inance 9inance an! 4ere"ulation< Par#es Place< PA?&S ACT 2*''
64
H