Government system receives FOI blackout

A security audit on an online government portal has recently been published as part of an FOI request, but the results have all been blacked out.

In 2010, Stratsec, an Information Security Registered Assessor, undertook an audit of the Australian government's Department of Finance and Deregulation's online, cross-jurisdictional web portal, called GovDex. The portal, which falls under the Australian Government Information Management Office (AGIMO), is meant to help the government "facilitate integration, creation, and management between agencies and between government, business, and the community."

As with all government systems, it also needs to comply with the Australian government's Information Security Manual , which is where Stratsec comes in: to provide an independent assessment.

In particular, the assessment was meant to determine whether AGIMO and the Department of Finance could protect government information that has a classification of in-confidence (a non-national security classification that is now being phased out).

The report (PDF) has only come to light today, as part of a Freedom of Information (FOI) request made by an unknown applicant. And it shows nothing.

Of the report, almost all of it is blacked out. In fact, whoever requested the document can only speculate that something wasn't quite right, given the number of columns that are shaded red or orange.

Most pages of the report are completely blacked out. (Screenshot by Michael Lee/ZDNet)

GovDex is due for an overhaul, which doesn't appear to be for any outstanding security issues.

The system shares confidential documents and information, and has been set up to service users who are not necessarily tech savvy.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All