Main

Conclusion: CIOs should consider the environments for their PROTECTED information, both when building new capability and/or when renewing older infrastructure and services. The need to have cost-effective infrastructure services (in-house or IaaS), accredited security of services and responsiveness for clients using the service are three key deliverables for any CIO.

The Australian Government has identified PROTECTED ratings be applied where systems and data are at risk and where the systems or data are critical to ensuring national interest, business continuity and integrity of an individual’s data. Critical business functions are a combination of the IT systems they run on and the data they consume.

Defining what should be afforded a PROTECTED rating and therefore adequately protected is an ongoing challenge. The Australian Government’s Information Security Manual (ISM) and recent legislation “Security of Critical Infrastructure Act 2018” detail the requirements and framework for reporting, on government-run IT systems and critical infrastructure. Using this framework as a base, organisations should assess whether the data or IT environments that support critical business functions should be treated as PROTECTED.

Existing Client Login



This Advisory paper is only available to IBRS Advisory clients. To find out more about becoming an IBRS Advisory client complete the attached form and we will be in touch.
Please let us know your name.
Please let us know your email address.
Please enter a valid phone number
Invalid Input

Register to read more...

Related Articles:

"Canberra-based Azure is about much more than security" IBRS, 2018-04-14 13:43:57

"On-Premises Cloud: Real flexibility or just a finance plan?" IBRS, 2017-05-06 06:37:20

"Running IT-as-a-Service Part 33: How to transition to hybrid Cloud" IBRS, 2017-08-02 02:32:44

Sitemap