CybersecurityFramework

PSPF 2026

Protective Security Policy Framework Release 2026

Protective Security Policy Framework (PSPF) Release 2026 is the Australian Government's updated protective security framework that sets mandatory requirements across six security domains to help government entities protect their people, information, assets, and resources through effective risk management and security practices.

Overview

The Protective Security Policy Framework (PSPF) Release 2026 is the Australian Government's latest protective security policy framework, published by the Department of Home Affairs and effective from 1 July 2026. The framework establishes mandatory protective security requirements across six security domains: Governance, Risk Management, Information Security, Technology Security, Personnel Security, and Physical Security. It provides a comprehensive, risk-based approach to safeguarding government people, information, assets, and resources both within Australia and internationally. PSPF Release 2026 supports government entities in identifying, assessing, and mitigating security risks and vulnerabilities while maintaining responsible and effective protective security practices. The annual release reflects updates to security requirements, standards, and guidance in response to the evolving threat environment and emerging security challenges.

Related in Cybersecurity

CybersecurityStandard

SACSF V2.0 — South Australian Cyber Security Framework V2.0

The South Australian Cyber Security Framework (SACSF) is a cybersecurity governance framework developed by Security SA to help South Australian Government agencies manage cyber risks and protect information, systems, and digital services. It consists of 18 policy statements across four core principles—Governance, Information Security, Personnel Security, and Physical Security—and uses a four-tier risk-based approach to implement security controls proportionate to agency risk exposure.

Australian Government • South Australia • v2.0

View details
CybersecurityStandardFramework

CAIQ v4.1.0 — Consensus Assessment Initiative Questionnaire v4.1.0

The Consensus Assessments Initiative Questionnaire (CAIQ) v4.1.0 is a comprehensive cloud security assessment questionnaire developed by the Cloud Security Alliance (CSA) and aligned with the Cloud Controls Matrix (CCM) v4.1 to help organizations evaluate the security, privacy, and compliance practices of cloud service providers. It includes 261 assessment questions mapped to 207 controls across 17 security domains, supporting detailed vendor due diligence, third-party risk management, and cloud security assessments using a standardized industry framework.

Cloud Security Alliance (CSA) • v4.1.0

View details
CybersecurityStandard

CAIQ Lite v4.1.0 — Consensus Assessments Initiative Questionnaire Lite v4.1.0

Consensus Assessments Initiative Questionnaire (CAIQ) Lite v4.1.0 is a streamlined cloud security assessment questionnaire developed by the Cloud Security Alliance (CSA) and aligned with the Cloud Controls Matrix (CCM) v4.1 to help organizations evaluate cloud service providers using a standardized approach. It includes 138 focused questions across 17 security domains, enabling efficient vendor due diligence, third-party risk management, and security posture assessments.

Cloud Security Alliance (CSA) • v4.1.0

View details
CybersecurityFrameworkStandard

CCM v4.1 — Cloud Controls Matrix v4.1

The Cloud Controls Matrix (CCM) v4.1 is a cybersecurity control framework that consists of 207 controls across 17 security domains, specifically tailored for cloud security and privacy. The Consensus Assessment Initiative Questionnaire (CAIQ) accompanies the CCM, offering a set of assessment questions to evaluate security controls.

Cloud Security Alliance (CSA) • v4.1

View details

Ready to manage these frameworks?

6clicks maps regulations to controls, evidence and risks — automatically.

Book your strategy call