Number: 2022/03
Issue Date: 23/11/2022
Review Date: 30/06/2025
Policy
The strengthening of cyber security is a key priority of the Digital Strategy for the Western Australian Government 2021-2025. This Circular applies to the WA Public Sector (as per the Public Sector Management Act 1994), the WA Police Force (as per the Police Act 1892) and Health Service Providers (as per the Health Services Act 2016) (together, ‘Entities’).
- Implementation of the 2021 Western Australian Cyber Security Policy (the Policy)
- The Policy sets standards and measures to manage cyber security risks.
- Entities must:
- Implement the Policy,
- Connect to the Office of Digital Government (DGov) Security Operations Centre, and
- Report annually on the implementation of the Policy to DGov.
- Compliance with Western Australian Whole-of-Government Cyber Security Incident Coordination Framework (Framework)
- The Framework sets coordination measures for cyber incident response.
- Entities must:
- Incorporate the Framework into their cyber incident response planning, and
- Report cyber incidents to the WA Government Cyber Security Incident Reporting Portal.
- Provision of Office of the Auditor General’s (OAG) audit findings to DGov
- The OAG audits how agencies manage confidentiality and integrity of information and services.
- Entities must share with DGov, within seven days:
- Their draft OAG management letters, and
- Their responses on audit findings and maturity assessments.
Background
Government is dependent on reliable and secure digital systems to provide public services.
A broad cyber security approach protects the integrity of Government information systems. In this way, Entities will reduce risk and improve their cyber resilience.
Mark McGowan MLA
PREMIER
