LG Cyber Security Toolkit
This project's final report and evaluation was completed on 26 April 2022
Project summary
The project has taken a highly collaborative approach to develop a security framework for the Local Government sector (aligned to the State Government), which will avoid future duplication of effort and provide common tools and terminology.
Through the development and promotion of the framework, the profile of cyber security has been elevated as a significant business risk - not "just an IT thing".
The framework has generated further interest in the complementary LGAAMF cyber security uplift program, and we expect uptake of that program will also increase - particularly from regional councils with outsourced IT services.
The Local Government cyber security steering group which was formed to provide oversight of the LGITSA cyber security strategy is continuing to meet and identify further opportunities for collaboration - with the next focus being an education and awareness program, including Executive preparedness.
Project outputs and outcomes
Collaboration is expected to continue as the framework is adopted and implemented by councils.
Other collaborative opportunities which are being explored include: -
- taking a coordinated approach to cyber security activities (and platforms) arising from the implementation of the framework
- engaging with State and Federal agencies for the delivery of an education and awareness program, including Executive preparedness
- seeking to onboard Local Government to the Australian Protected Domain Service
- a potential Local Government deed for all councils to access the Joint Cyber Security network partnership.
In addition to the LGITSA Yammer network, the potential of a LGITSA Special Interest Group in cyber security is also being explored, which would provide a forum for ongoing collaboration on the implementation of the framework.
The Local Government cyber security steering group is comprised of representatives from LGA, LGITSA, LGFSG and LGRS. This forum is expected to be the key mechanism for sustaining oversight of cyber security initiatives beyond the project.
Project distribution
Project evaluation
IT Auditor, David Powell undertook an independent evaluation of the project. David attended project steering group meetings, and reviewed project status reports and project deliverables, along with feedback received during consultation on the framework.
Based on his observations and review of documents, David concluded that the Local Government Security Framework project was well managed and that the deliverables are expected to be a valuable resource to the Local Government sector.