Disclaimer: The Commonwealth Protective Security Policy Framework (PSPF) has recently issued a policy update recognising OFFICIAL: Sensitive as a security classification. As OVIC aligns with the protective marking scheme of the PSPF, OVIC will be updating its guidance material and associated resources (BIL app, etc.) in due course to reflect these changes.
The change does not:
- trigger changes to the Commonwealth Email Protective Marking System (EPMS)and OVIC’s Technical Specification for Email Protective Markings, as OFFICIAL: Sensitive is already treated as a security classification within these documents
- change the access to information security clearance requirements for OFFICIAL: Sensitive, as employment screening for entity personnel remains sufficient
- change minimum protections and handling requirements for OFFICIAL: Sensitive detailed in Annexes A-C of PSPF policy 8, and
- require changes to the Australian Government Security Caveat Guidelines, as caveats that allow use with OFFICIAL: Sensitive are already indicated.
OVIC has developed a resource to assist Information Security Leads in rolling out Protective Marking training across their organisation.
The Trainer Guide and the associated Training Template are intended to assist trainers and facilitators in delivering their own protective markings training to stakeholders.
Protective Marking training can be delivered in different ways, but the content captured in the slides can be used as a basis or input into a tailored training program.
If using this resource, the content must be customised to reflect the unique information security risks and operating environment of the organisation.
All content within the template has been drawn from OVIC’s User Guide: Labelling and Handling Protectively Marked Information.
To request a copy of this resource, please email security@ovic.vic.gov.au and a member of the Information Security Unit will be in touch.