A key message of the Good Governance Guidelines is that many of the controls required to ensure appropriate and secure management of an agency’s computer and information systems do not require expensive technology or large numbers of specialist resources - good controls can be achieved through appropriate implementation and management of basic policies, procedures and practices.
The following model policies have been developed to further assist agencies in achieving their information security responsibilities by providing a tool which can be used when developing a policy or reviewing existing policies. These policies were developed at the request of agency information security advisors with significant contributions from the Department of the Attorney-General (convenor), the Western Australian Police, the Department of Racing, Gaming and Liquor, Main Roads, the Public Sector Commission and others with an interest in the particular policy under development.
The model Information Security Management Policy (with delegations) is based on the International Standards for Information Security.
The model Backup and Recovery Policy covers all aspects of backup and recovery for agency data.
For more information contact the Cyber Security Team.