Publication date: 25 July 2022

The Protective Security Policy Framework (PSPF) sets out policies for government entities to follow regarding the security of certain information. Under PSPF Policy 2 Management structures and responsibilities, the OAIC, has an obligation to ensure the establishment of an effective management structures and responsibilities which require people to be appropriately skilled, empowered and resourced.

This Authorisation Instrument, signed by the Australian Information Commissioner, appoints certain OAIC staff member in the role of the Chief Security Officer with responsibilities to direct all areas of security to protect the OAIC’s people, information and assets, and to oversee and have decision making responsibilities for all security arrangements across relevant areas. The Instrument also appoints certain OAIC staff member in the role of the Chief Risk Officer who acts as the chief adviser in relation to the implementation of the Commonwealth Risk Management Policy, with responsibilities of advising on appropriate systems of risk oversight and management, and internal control for the OAIC.

Download the print version

If you require this in an alternate format, please send your request to