The Queensland government has developed an
IT security kit it hopes its agencies will use to self-assess
their compliance against government security standards.
The toolkit was developed by the Queensland Department of
Justice and Attorney General in conjunction with the state's
police and health services.
The toolkit CD uses an interactive questionnaire approach to
allow government departments to measure their compliance against
the Queensland Government's own Information Standard 18.
"[We] put together a reasonably interactive type of CD-ROM
which runs through a series of questions which provides a result
in certain categories," says Stephen Moskwa, the Department of
Justice and Attorney's information security manager. "The
government has been good at coming up with policies, procedures
and standards.... this goes the next step; here's this toolkit you
can use to show you how you're going."
Unlike federal government agencies, the states don't receive
the clear support of the Defence Signals Directorate (DSD). The
DSD is charged with helping the federal government secure its
information, as well as other, more clandestine tasks like
intercepting signals intelligence. "They don't have a clear
mandate to support state governments," Moskwa says.
The CD-ROM was put together with the help of Microsoft and
Moskwa and others who worked on the toolkit hope state
governments other than Queensland's will find it useful, and say
the Victorian government has shown interest in using the kit.