Skip to content
🚨 6clicks receives ISO 42001 certification for its AI Management System 🚨

Is the PSPF mandatory?


Yes, the Protective Security Policy Framework (PSPF) is mandatory for non-corporate Commonwealth entities. The PSPF outlines the minimum security requirements for the protection of Commonwealth assets, personnel, information and systems. The PSPF is developed and maintained by the Attorney-General's Department and applies to all non-corporate Commonwealth entities.

It is mandatory for all non-corporate Commonwealth entities to comply with the PSPF in order to protect Commonwealth assets, personnel, information and systems. The PSPF is supported by the Australian Government Security Vetting Agency, which provides security clearances to personnel within the Commonwealth and provides advice and guidance on the implementation of the PSPF.

In addition to the PSPF, non-corporate Commonwealth entities must also report to their portfolio minister and the Attorney-General's Department each financial year on security. This is to ensure that the security of Commonwealth assets, personnel, information and systems is maintained and that any breaches of the PSPF are reported and addressed.

Related eBooks & Expert guides
Related answers
> All Resources > Answers > Is the PSPF mandatory?

General thought leadership and news

6clicks receives ISO 42001 certification for its AI Management System

6clicks receives ISO 42001 certification for its AI Management System

Melbourne, Australia – 18 November 2024. 6clicks, pioneer of the first AI-powered GRC (Governance, Risk, and Compliance) software, is proud to...

Hailey’s newest updates: Risk & issue generation + compliance mapping

Hailey’s newest updates: Risk & issue generation + compliance mapping

At 6clicks, we’re continually evolving our AI capabilities to make the process of risk management and compliance faster, smarter, and more intuitive....

Understanding the NIST RMF: Breaking down the 7 key steps

Understanding the NIST RMF: Breaking down the 7 key steps

The NIST Risk Management Framework (NIST RMF) is a flexible framework that can be tailored to your specific organizational profile and regulatory...

Past, present, and future themes in cybersecurity: Are you keeping up?

Past, present, and future themes in cybersecurity: Are you keeping up?

In the ever-evolving landscape of cybersecurity, understanding where we've been, where we are, and where we're going is essential. By examining the...

Why 6clicks is outpacing legacy GRC platforms like Archer, ServiceNow and Diligent

Why 6clicks is outpacing legacy GRC platforms like Archer and more

For years, Archer, ServiceNow, and Diligent were the go-to names in GRC software. Archer’s rich functionality made it a leader, while ServiceNow’s IT...

ServiceNow GRC pricing: Is it worth it in 2025?

ServiceNow GRC pricing: Is it worth it in 2025?

Concerned about ServiceNow GRC’s pricing plans and total cost of ownership? You’re not alone. With a custom pricing structure, determining the...