Guide to Information Security

Citation
Office of the Australian Information Commissioner, Guide to Information Security (Apr. 2013) (full-text).

Overview
This guide provides guidance on information security, specifically the reasonable steps entities are required to take under the Privacy Act 1988 to protect the personal information they hold. It is intended for entities, including Australian, ACT and Norfolk Island Government agencies, and private sector organisations that are covered by the Privacy Act 1988. It is also relevant to credit reporting agencies, credit providers and tax file number recipients.

This guide discusses some of the circumstances that the Office of the Australian Information Commissioner takes into account when assessing the reasonableness of the steps taken by entities to ensure information is kept secure.