The People Security domain is focused on making sure the right people are employed for the right job, meaning our people can be trusted to access Tasmanian Government resources. This domain explains how to screen and vet your agency people, including contractors, and also managing the ongoing suitability of those people and their separation.
Required outcome
Each agency ensures its people are suitable to access Tasmanian Government assets and meet the required standards of honesty and integrity.
To assist agencies to achieve this security outcome, Tasmania’s Protective Security Policy Framework (TAS-PSPF) includes 3 People Security (PESEC) core requirements, supported by a varying number of supplementary requirements and a guiding policy for each. These requirements cover the duration of a person’s employment in the Tasmanian Government, from recruitment to separation.
PESEC-1: Recruiting the right people
Context
Agencies must apply a risk-based approach to employment processes, ensuring the suitability of their people, and external providers, to access Tasmanian Government assets. The suitability and validation of agency people should be assessed through pre-employment screens and security vetting where required.
Core requirement
Accountable Authorities must assess the initial suitability, and validate the identifies, of people who have access to, or are seeking access to, Tasmanian Government assets.
Policy guidance
PESEC-2: Ongoing suitability assessment
Context
People engaged with the Tasmanian Government have access to valuable information and assets which are vulnerable to compromise and harm. Ensuring the ongoing suitability of people reduces operating risks to agencies and enhances trust networks interjurisdictionally. Ongoing engagement should be based on continued compliance with relevant suitability screens and vetting.
Core requirement
The Accountable Authority must ensure the ongoing suitability of their people to access official information and assets, while ensuring compliance with the TAS-PSPF.
Policy guidance
PESEC-3: Managing separating people
Context
Agencies must apply prescribed and consistent management protocols for separating and transferring people, including the adjustment or termination of access as required, to protect the integrity, confidentiality and availability of Tasmanian Government information and assets.
Core requirement
The Accountable Authority must ensure adequate management of all separating people.
Policy guidance