The People Security domain is focused on making sure the right people are employed for the right job, meaning our people can be trusted to access Tasmanian Government resources. This domain explains how to screen and vet your agency people, including contractors, and also managing the ongoing suitability of those people and their separation.

Required outcome

Each agency ensures its people are suitable to access Tasmanian Government assets and meet the required standards of honesty and integrity.

To assist agencies to achieve this security outcome, Tasmania’s Protective Security Policy Framework (TAS-PSPF) includes 3 People Security (PESEC) core requirements, supported by a varying number of supplementary requirements and a guiding policy for each. These requirements cover the duration of a person’s employment in the Tasmanian Government, from recruitment to separation.

People Security policies

PESEC-1: Recruiting the right people

Context

Agencies must apply a risk-based approach to employment processes, ensuring the suitability of their people, and external providers, to access Tasmanian Government assets. The suitability and validation of agency people should be assessed through pre-employment screens and security vetting where required.

Core requirement

Accountable Authorities must assess the initial suitability, and validate the identifies, of people who have access to, or are seeking access to, Tasmanian Government assets.

Policy guidance

PESEC-2: Ongoing suitability assessment

Context

People engaged with the Tasmanian Government have access to valuable information and assets which are vulnerable to compromise and harm. Ensuring the ongoing suitability of people reduces operating risks to agencies and enhances trust networks interjurisdictionally. Ongoing engagement should be based on continued compliance with relevant suitability screens and vetting.

Core requirement

The Accountable Authority must ensure the ongoing suitability of their people to access official information and assets, while ensuring compliance with the TAS-PSPF.

Policy guidance

PESEC-3: Managing separating people

Context

Agencies must apply prescribed and consistent management protocols for separating and transferring people, including the adjustment or termination of access as required, to protect the integrity, confidentiality and availability of Tasmanian Government information and assets.

Core requirement

The Accountable Authority must ensure adequate management of all separating people.

Policy guidance