• Model Policies

    A key message of the Good Governance Guidelines is that many of the controls required to ensure appropriate and secure management of an agency’s computer and information systems do not require expensive technology or large numbers of specialist resources - good controls can be achieved through appropriate implementation and management of basic policies, procedures and practices.

    The following model policies have been developed to further assist agencies in achieving their information security responsibilities by providing a tool which can be used when developing a policy or reviewing existing policies. These policies were developed at the request of agency information security advisors with significant contributions from the Department of the Attorney-General (convenor), the Western Australian Police, the Department of Racing, Gaming and Liquor, Main Roads, the Public Sector Commission and others with an interest in the particular policy under development.

    The model Information Security Management Policy (with delegations) is based on the International Standards for Information Security.

    The model Information Confidentiality and Privacy Policy is based on State legislation and the National Privacy Principles as defined in the Privacy Act 1988 (Cth). It was prepared at the request of agency information security advisors with significant contributions from the Department of the Attorney General (convenor), the Western Australia Police, Disability Services Commission, Commerce and Main Roads. The Information Commissioner and State Solicitor’s Office were also consulted regarding the inclusion of the National Privacy Principles.

    The model Backup and Recovery Policy covers all aspects of backup and recovery for agency data.
    For more information contact the Cyber Security Team. 

    For more information contact the Cyber Security Team.