Joe Ludwig (Queensland, Australian Labor Party, Manager of Government Business in the Senate) Share this | Link to this | Hansard source

I present the government’s response to the 412th report of the Joint Committee of Public Accounts and Audit on its inquiry into audit reports reviewed during the 41st Parliament, and seek leave to have the document incorporated in Hansard.

Leave granted.

The document read as follows—

Parliamentary Joint Committee on Public Accounts and Audit

Report 412 – Audit reports reviewed during the 41st Parliament

Government Response to the Parliamentary Joint Committee on Public Accounts and Audit Report 412 – Audit reports reviews during the 41st Parliament.

Recommendation

The Committee recommends that DSD formally remind all agencies of their responsibility to comply with the ISIDRAS reporting as required by the Protective Security Manual.

Response

DSD formally reminded all agencies of their responsibility to comply with Information Security Incident Detection, Reporting and Analysis Scheme (ISIDRAS) reporting in the March edition of the DSD Information Security Bulletin. This document is sent to all Chief Information Officers of both State and Federal Government agencies.

Additionally, after a comprehensive review and consultation with stakeholders, DSD has taken the following actions to ensure that agencies fully understand the scheme:

The scheme has been renamed ‘Information Security Incident Reporting’ (ISIR), so that the title more accurately represents the scheme’s function.

The number of reporting categories has changed from four to two so that it is easier for agencies to make the decision on what incidents they must report to DSD.

This information has been disseminated to Government agencies through a variety of channels including: a more informative section on incident reporting on DSD’s Government website www.onsecure.gov.au; a statement of policy in DSD’s 2008 Information Security Manual; and via statements at key security conferences (including the Attorney General’s Security in Government conference).

DSD experienced a 25 per cent increase in agencies reporting incidents during 2007. The number of incidents reported to DSD in 2008 was consistent with the number reported in 2007. Due to improvements associated with the ISIR scheme, the quality of information provided in incident reports is improving and agencies are reporting on the correct incident categories.

I move:

That the Senate take note of the document.

Question agreed to.