Policies
Whole-of-Government Policies provide direction to agencies about how they should approach particular aspects of digital and ICT investment, design and delivery, including requirements, when the policy must be applied and exemptions for certain circumstances.
Digital and ICT Reuse Policy
Visit the Australian Government Architecture website for information on the Digital and ICT Reuse Policy.
Digital Sourcing Policy
Find more information about the digital sourcing policies:
- Digital Sourcing Consider First Policy
- Digital Sourcing Fair Criteria Policy
- Digital Sourcing Contract Limits and Reviews Policy
- Digital Sourcing Panels Policy’
Protective Security Policy Framework
Visit the Australian Government Architecture website for information on the Protective Security Policy Framework.
Secure Cloud Policy
The Secure Cloud Strategy guides agencies beyond their current business restrictions and move towards a more agile method of service improvement.
The Secure Cloud Strategy is one of the whole-of-government digital policies and standards that the DTA uses to assess whether a digital or ICT-enabled investment proposal is robust, of high quality and can be brought forward for Government consideration.
Further detail on the requirements for agencies when bringing forward digital and ICT-enabled investment proposals for Government consideration can be found at the Contestability (Budget) stage of the Whole-of-Government Digital and ICT Oversight Framework.
Applicability
The policy applies to all Non-corporate Commonwealth entities preparing for the shift to cloud or undergoing the transition to cloud.
The policy guides agencies to address capability shortcomings, confusion around security requirements, and conflicting agency-specific information and communications technology policies.
It is encouraged that other government entities (local, state or territory) or Government corporate entities use this policy in the assessment of cloud service providers, its cloud services and a cloud consumer’s own systems
Policy requirements
Entities are required to use the policy to develop their own cloud strategies to suit their operating environment.
The Protective Security Policy Framework (PSPF), Information Security Manual (ISM) and Secure Cloud Strategy provide the requirements and security controls for cloud consumers to use in the assessment of the cloud service providers, its cloud services and a cloud consumer’s own systems.
Patterns, standards and tools
For more information visit: Secure Cloud Strategy | Digital Transformation Agency (dta.gov.au)
Hosting Certification Framework
Visit the Australian Government Architecture website for information on the Hosting Certification Framework
Digital Service Standard
Visit the Australian Government Architecture website for information on the Digital Services Standard
Benefits Management Policy
The Benefits Management Policy (BMP) helps agencies deliver digital and ICT outcomes by standardising benefits management practices for whole-of-government digital and ICT-enabled investments.
The Benefits Management Policy defines how benefits must be managed across the Australian Government digital and ICT portfolio.
The BMP outlines:
- the requirements for investment oversight
- best-practice guidance on benefits management.
This first iteration of the Benefits Management Policy integrates with the ‘Contestability’ state of the Investment Oversight Framework (IOF). In its final form, the policy will complement the full framework putting benefits at the centre of how investments are planned, prioritised, contested and assured.
For more information, visit the Benefits Management Policy page