The PSR is a tool that organisations can use to protect what matters and manage security effectively. In 2014, Cabinet directed all public service departments and the New Zealand Defence Force, New Zealand Police, New Zealand Security Intelligence Service and Parliamentary Counsel Office to implement the PSR.
These departments are required to provide assurance information upon request from the lead security agencies:
- Government Communications Security Bureau,
- New Zealand Security and Intelligence Service, and
- the Department of the Prime Minister and Cabinet.
Departments must produce an annual report to their Chief Executive on their protective security capability and compliance. In this report they undertake a self-assessment, supported by evidence of policy and practice, of their security settings against the 20 mandatory requirements.
The self-assessment and reporting process ensures:
- organisations have undertaken an assessment against the mandatory requirements,
- compliance for each mandatory requirement is being effectively managed,
- any unacceptable risk relating to these mandatory requirements has been treated appropriately,
- they have a plan in place to reach and maintain the appropriate level of protective security capability based on their risk profile, and
- their compliance obligations have been met.
Agency reporting allows the New Zealand Government to better understand its overall protective security capability.
If you have any questions about PSR, email psr@protectivesecurity.govt.nz.
Self-assessment and reporting | Protective Security Requirements External Link