What are the key requirements for obtaining DISP membership?

TL;DR: To obtain DISP membership, your organisation must meet specific governance, personnel, physical, and cybersecurity requirements—aligned with the level of membership you’re applying for.

DISP membership isn’t a one-size-fits-all process. Each level—Entry through Level 3—requires you to demonstrate readiness across four core security categories. As outlined in the 6clicks guide How to Get DISP Membership Fast, these requirements are designed to protect Defence information, infrastructure, and operations from both internal and external threats.

Four core requirement areas

1. Governance & policy

   • Senior security officer appointed

   • Security policies and procedures documented

   • Risk management framework in place

   • Annual self-assessment reporting

2. Personnel security

   • Employment screening and vetting

   • Appropriate security clearances for roles

   • Insider threat awareness and reporting processes

3. Physical security

   • Facility security aligned with Defence expectations

   • Access controls (e.g. locks, CCTV, secure storage)

   • Incident reporting and visitor protocols

4. Cybersecurity

   • Security measures aligned with the Information Security Manual (ISM)

   • System hardening, patch management, and access control

   • Data classification and encryption

   • Incident response capabilities

Additional considerations

• DISP level: Higher levels require more comprehensive and documented controls

• Staff vetting: Baseline or higher-level security clearances may be required

• Ongoing compliance: You’ll need to submit regular updates and reports to Defence Security and Vetting Service (DS&VS)

Want help assessing your DISP readiness?
Book a demo with 6clicks today to see how our platform helps you document, align, and automate all four DISP requirement categories.