Security in the Government Sector

The Official Information Act 1982 espouses the principle that official information should be made available to the public unless there are good reasons to withhold it. However, the Government requires that official information receives appropriate protection where it is in the national or public interest to do so.

The document Security in the Government Sector (SIGS), authorised by the Interdepartmental Committee on Security and published in 2002 by the Department of Prime Minister and Cabinet, replaces Security in Government Departments issued in 1994, and incorporates the revised security classification system approved by Cabinet on 18 December 2000.

SIGS is designed to help government departments and agencies, State Owned Enterprises and Crown Entities develop their security instructions based on a framework that is consistent throughout the Government sector.

Compliance with the requirements of the document is mandatory for all government departments, agencies and ministerial offices. It is also made available to State Owned Enterprises and Crown Entities to assist them in meeting their obligations under the Official Information Act 1982 and the Privacy Act 1993.

While chief executives are responsible for developing, implementing and maintaining standards of protective security within their organisations using a risk management approach, there are certain minimum standards which must be met. These are also detailed in the SIGS document.

Because it would not be practical to attempt to include all detailed advice on matters of security in one document, the Government Communications Security Bureau (GCSB) and the New Zealand Security Intelligence Service (NZSIS) have produced supplementary manuals intended for the guidance of government departments and agencies in general and, in particular, for Departmental Security Officers.

The New Zealand Information Security Manual (NZISM), published by GCSB, is the national technical security policy, describing minimum mandatory technical security standards for government departments and. agencies. It promotes cyber security, is unclassified and can be accessed on the GCSB website here.

The Protective Security Manual (PSM), published by NZSIS, is a consolidation of SIGS, Protective Security Supplements and a Catalogue of Approved Security Equipment for the information of government departments and agencies. The Supplements flesh out the policy stated in SIGS and provides stand alone advice on issues not included in SIGS. The Catalogue is a living document detailing security products approved by NZSIS for use in the protection of classified hardcopy information and equipment. The Supplements and Catalogue are classified and not available to the general public.

Click here to access Security in the Government Sector (SIGS).