History
- Priority
- must
- Nov 2018
- Removed
- Removed due to being covered by an Australian Communications Security Instruction (ACSI).
- 2017
- Before personnel are granted communications security custodian access, agencies mustensure that they have:• a demonstrated need for access• read and agreed to comply with the relevant Key Management Plan (KMP) for the• cryptographic system they are using• a security clearance at least equal to the classification of the keying material• agreed to protect the authentication information for the cryptographic system at thesensitivity or classification of information it secures• agreed not to share authentication information for the cryptographic system withoutapproval• agreed to be responsible for all actions under their accounts• agreed to report all potentially security related problems to an ITSM or a COMSECCustodian Officer.
- Control Text Changed. No public explaination.
- 2015
- Before personnel are granted communications security custodian access, agencies mustensure that they have:• a demonstrated need for access• read and agreed to comply with the relevant Key Management Plan (KMP) for thecryptographic system they are using• a security clearance at least equal to the classification of the keying material• agreed to protect the authentication information for the cryptographic system at thesensitivity or classification of information it secures• agreed not to share authentication information for the cryptographic system withoutapproval• agreed to be responsible for all actions under their accounts• agreed to report all potentially security related problems to an ITSM or a COMSECCustodian Officer.
- 2010
- Before personnel are granted cryptographic system administrator access, agencies must ensure that they have:• a demonstrated need for access• read and agreed to comply with the relevant KMP for the cryptographic system they are using• a security clearance at least equal to the highest classification of information processed by thecryptographic system• agreed to protect the authentication information for the cryptographic system at the highestclassification of information it secures• agreed not to share authentication information for the cryptographic system without approval• agreed to be responsible for all actions under their accounts• agreed to report all potentially security related problems to an ITSM.
- 2008
- Before a staff member is granted cryptographic system administrator access, agencies must ensure that the staff member: a. has a demonstrated need for access b. has read and agreed to comply with the relevant key management plan (KMP) for the cryptographic system they are using c. possess a security clearance at least equal to the highest classification of information processed by the system d. has agreed to protect the authentication information for the system at the highest level of information it secures e. has agreed not to share authentication information for the system without approval f. has agreed to be responsible for all actions under their accounts g. has agreed to report all potentially security related problems to the information technology security adviser and/or agency security adviser.