Defence Industry Security Program (DISP) members are part of the Defence community and play a part in keeping Defence’s people, information and assets secure. This includes reporting security incidents to Defence as soon as possible within 24 hours of discovery.
Reporting not only notifies Defence of potential vulnerabilities, it actively contributes to the ongoing monitoring and management of security.
Security incidents
A security incident is a suspicious approach, event, or action (whether deliberate, reckless, negligent, or accidental) that:
- Fails to meet the expected outcomes of Defence security as outlined in the Defence Security Principles Framework.
- Compromises Defence’s protective security arrangements.
- Results in, or has the potential to result in, loss, damage, disclosure, or harm to Defence information, assets, and people.
Examples include, but are not limited to:
- An unauthorised person accessing secure facilities.
- Loss or compromise of an access pass or security keys.
- Loss, theft or unauthorised access to OFFICIAL Defence information.
- Inappropriate handling or storage of OFFICIAL Defence information or materials.
- Cyber security incidents.
- Any contacts with, or approaches from, people which are suspicious or unusual.
Reference Principle 77 in the Defence Security Principles Framework.
Reporting an incident
DISP members must report all security incidents. Even if an incident seems small or harmless collecting and analysing information about the incident builds insights and helps to identify patterns.
To report a security incident tell a Security Officer (SO) about the incident. The SO will then complete and submit a security report. Security reports can only be accessed by SOs via the DISP Security Portal.
If an SO is not available, email security.incidentcentre@defence.gov.au with the details of the incident and clear contact details.
Security reports must be submitted to Defence within 24 hours of discovery of the security incident.