Show download pdf controls
  • Attention

    We’re currently updating this page to make it easier for you to find the information you need. During this time, you might find some links are broken. We’re working to resolve these and any other issues as quickly as possible. Thank you for your patience.

    End of attention

    ATO information security guidelines for contractors

    Effective April 3 2017

    The Australian Government expects the ATO to create and maintain a security environment to protect its functions and official resources. The Australian Government Protective Security Policy Framework (PSPF) sets out the policies, practices and procedures that all Australian Government departments and agencies must comply with.

    The security of our information is critical. Information security requirements apply to all ATO employees, and similar requirements apply to ATO contractors.

    These information security guidelines are derived from the minimum mandatory requirements of the PSPF information security management core policy. They explain the practices and procedures contractors must follow to provide adequate security for the ATO information they access, process or store.

    Departure from these guidelines must be authorised in writing by ATO Physical Security Management (or ATO IT Security Branch for electronic systems).

    See also:

      Last modified: 03 Apr 2017QC 17156