The Defence protective security framework continued to ensure that Defence is equipped appropriately to deal with future security threats. After the terrorist attacks of 11 September 2001, Defence implemented Safebase, an improved security alert system. Following the Bali bombings, the Safebase alert system continued to provide an appropriate, standardised set of incremental protective security measures that could be implemented after changes to the threat levels. Safebase was used successfully throughout Defence's contribution to the war in Iraq. Alert levels at a number of sites were upgraded to provide a higher level of protection to Defence operations, establishments and personnel at a time of high operational tempo. Safebase policy was also enhanced to provide for security inspections of Defence employees' carried items and private or official vehicles, upon entry into any Defence premises. A comprehensive communications strategy supported this change.
Protective security enhancements to Defence bases and establishments during the year were informed by vulnerability assessments across Australia that had been completed in 2001-02. Funding was provided by the Government to improve security infrastructure around bases and establishments and was used to upgrade armouries, alarm systems, security fencing, signage, mail scanning and barricades. Additional Government funding was provided to support heightened security measures for Defence personnel and facilities, including increased guarding and patrolling.
Ongoing Security Reform
The Defence Security Authority is responsible for the development of security policy, security training and awareness across Defence, security performance assessment programs, serious and complex security investigations and processing of the majority of Defence's security clearances. Service Chiefs and civilian Group Heads remain responsible to the Secretary and the Chief of the Defence Force for security in their areas. The Defence Security Authority works with the Navy, Army and Air Force, Defence intelligence agencies and unit security officers across Defence to fulfil its responsibilities.
The Authority aims to make security 'everybody's business'. Security has been incorporated into organisational performance agreements and the charter letters between the Service Chiefs and Group Heads and the Secretary and the Chief of the Defence Force.
The Defence Security Authority works with the Service Chiefs and civilian Group Heads to meet the five strategic themes that guide the performance of the Authority; namely, to provide clear and comprehensive policy and high-quality selected services, strengthen Defence's security culture, exceed stewardship expectations, strive for business excellence and build a resilient and adaptive security authority.
Defence's capability to provide protective security is reported below against these themes with reference to both the Defence Security Authority and the wider Defence organisation.
Provide clear and comprehensive policy and high-quality selected services
Defence developed policy to clarify security inspection procedures for entry to any Defence premises. Security guidance and instructions were developed to address emerging technologies becoming more prevalent in the workplace such as Personal Digital Assistants and multifunctional devices.
Defence continued to have a significant backlog of personnel security vetting requests. The backlog affected both negative and positive clearance requests. The basis for negative vetting is that a clearance will be granted unless the inquiry process reveals information prejudicial to the subject's suitability. Positive vetting requires that the checking process continue until suitability has been established beyond reasonable doubt.
The deployment of Australian forces to the Middle East in 2003 prompted an increase in the number of both negative and positive vetting requests. Resources were diverted to clear relatively small numbers of people in a very short time, without compromising the quality of the clearance process.
A number of initiatives were taken to assist in the management of the negative vetting clearance backlog. For largely historical reasons, the workload and resources across the Defence Security Authority state and territory offices have varied considerably, with some offices having built up large backlogs over time. A national program was instituted to redistribute cases between offices. In addition, the partial outsourcing of security clearance requests from the Australian Capital Territory/southern New South Wales office has been on trial since April 2003. New in-house benchmarking will help to enable more accurate reporting of productivity and trends and electronic vetting packs will be available by the end of the year. The 2003 Vetting Practitioners' Manual aims to enhance the quality of the security clearance process by ensuring that a consistent approach is taken to the completion of security clearances throughout Defence.
The Defence Intelligence Group positive vetting area is responsible for managing Defence's positive vetting clearances. Additional case officers, psychologists and clerical support staff were recruited. The vetting process was improved through the introduction of accredited training for case officers and revised psychological suitability assessments for applicants.
Defence's internal security policy, embodied in the Defence Security Manual, was aligned with Australian Government security policy and released electronically to all Defence members. The manual is designed to be consistent with the 2000 Commonwealth Protective Security Manual.
In order to improve Defence's capability to protect its people, information and assets, the capacity of the Security Investigations Unit was enlarged by a significant increase in staff over the last year. All investigators have achieved the nationally-recognised minimum standard in investigations.
The security performance assessment program is in the final stages of development and will provide an assurance service to the Defence senior leadership group on security performance across Defence using self-assessment methods, evaluations of Defence-wide sites and specific performance reviews.
Strengthen Defence's security culture
Permanent training officer positions were established within each state and territory office. This led to 330 personnel receiving security officer training and 90 security awareness presentations for 6,694 personnel being conducted over six months. Security specific questions were incorporated into the 2002 annual Defence attitude survey for the first time and approximately 94 per cent of the sampled group indicated that they understood their security responsibilities within Defence.
Exceed Stewardship expectations
Defence reported on its protective security status to several Government security forums over the last year, including the Inter-Agency Security Forum and the Protective Security Policy Committee. Overviews were provided on Defence's progress in implementing recommendations from the Inspector-General of Intelligence and Security, staff attitudes to security, agency security issues, security audits and investigations and Defence's compliance with the Commonwealth Protective Security Manual. Monthly balanced scorecard reporting to the Defence Committee ensured that the visibility and status of security within Defence was regularly monitored at the highest level.
Strive for business excellence
The Defence Security Authority uses a business process alignment program to ensure consistent practices across its state and territory offices. The program is used to develop uniform business processes across all areas of security including vetting, physical security, training and awareness and industrial security. The security authority continues to work with the Navy, Army and Air Force through security directors' meetings to ensure that Defence security issues and policy are addressed in line with Service-specific requirements and that single-Service policy and practice remain consistent with Defence and Government-wide security policy and requirements.
The Defence Security Authority's national recruitment campaign, launched in 2001, succeeded in recruiting an additional 125 personnel, taking the yearly average of full-time equivalent personnel to 209. Individuals with experience in the private sector and the wider public service, as well as former ADF members and Defence civilians, were recruited to create a flexible workforce of both security specialists and generalists. A rolling program of orientation sessions during October and November 2002 provided all new starters with an introduction to the Defence Security Authority, whole-of-Government security and their responsibilities as public officials. Staff continued to be supported through training courses from a variety of areas.