Defence Industry Security Program (DISP)

The Defence Industry Security Program (DISP) is a program implemented by the Australian Defence Force (ADF) to manage security risks and protect sensitive information.

The program is designed to ensure that all parts of Defence are able to manage security within their operational contexts, and to encourage members to make good security decisions in line with DISP principles. The DISP covers all aspects of security, including:

1. Personnel security
2. Physical security
3. Information security
4. Operational security

It sets clear processes and accountabilities, underpinning the assurance of Defence protective security arrangements.

The DISP is designed to ensure that the most appropriate people are setting the security requirements. This is achieved through the use of a risk-based approach, with security requirements being tailored to the individual needs of each Defence project.

This approach allows for more effective and efficient security management, and helps to ensure that the security requirements are appropriate for the level of risk associated with the project.

The DISP also sets out the requirements for security clearance, which is essential for any personnel working with sensitive information. The clearance process is designed to ensure that the individual is suitable to work with the information and is able to maintain its security.

The DISP also sets out the requirements for physical security, which is essential to protect sensitive information and equipment. This includes the use of access control systems, CCTV, and other security measures to ensure that only authorized personnel are able to access the information and equipment.

The DISP also sets out the requirements for information security, which is essential to protect sensitive information from unauthorized access. This includes the use of encryption, authentication, and other security measures to ensure that only authorized personnel are able to access the information.

Finally, the DISP sets out the requirements for operational security, which is essential to protect sensitive operations from unauthorized access. This includes the use of operational security measures, such as the use of secure communications and the use of secure facilities.

Overall, the Defence Industry Security Program is an essential tool for the ADF to manage security risks and protect sensitive information. It sets out the requirements for personnel security, physical security, information security, and operational security, and encourages members to make good security decisions in line with DISP principles.

All Australian businesses can achieve DISP membership, but they must meet the eligibility requirements outlined in Control 16.1 of the Defence Security Principles Framework.

The Defence Industry Security Program (DISP) is a security program that provides a framework for managing security requirements for defence industry participants. The program ensures that the Australian Government's security requirements are met and that sensitive information and assets are protected.

The DISP has four membership levels, each with specific requirements:

1. Entry Level (Official/Official: Sensitive): This is the basic membership level for those handling non-sensitive information and assets. Basic security measures are required, such as physical security, personnel security, and security governance measures.

2. Level 1 (Protected): This membership level is suitable for those dealing with sensitive information and assets. More stringent security measures are required, such as physical security, personnel security, and security governance measures.

3. Level 2 (Secret): This membership level is suitable for those handling highly sensitive information and assets. Even more stringent security measures are required, such as physical security, personnel security, and security governance measures.

4. Level 3 (Top Secret): This membership level is suitable for those handling extremely sensitive information and assets. The most stringent security measures are required, such as physical security, personnel security, and security governance measures.

The DISP membership levels are designed to ensure that defence industry participants meet the security requirements of the Australian Government. The higher the level of membership, the more stringent the security requirements. It is essential for defence industry participants to understand the security requirements of each level and ensure that they are meeting them.

Why Join the Defence Industry Security Program (DISP)?

Joining the Defence Industry Security Program (DISP) is an essential step for any Australian business looking to work with Defence. DISP provides businesses with the resources and guidance needed to ensure they meet their security obligations when delivering Defence contracts and tenders.

Benefits of DISP Membership

DISP membership is a valuable asset to any business looking to work with Defence, as it provides access to a range of benefits. These benefits include:

1. Security advice and support services
2. Security-related services and benefits
3. Trusted and reliable sources
4. Competitive edge

Security Advice and Support Services

DISP provides businesses with the security advice and support services necessary to understand and manage security risks across their business. This includes guidance on security processes, access to security resources and tools, and the ability to access accredited security professionals.

Security-Related Services and Benefits

DISP members are able to access a range of security-related services and benefits. These include access to security-related publications, access to a secure web portal, access to security education and training, and access to a range of security-related events. All of these benefits are designed to help businesses understand and manage their security obligations when delivering Defence contracts and tenders.

Trusted and Reliable Sources

DISP membership helps instil confidence when procuring goods and services for Defence from other industry members. DISP members are required to meet the same security standards and requirements as Defence, which helps to ensure that businesses are procuring goods and services from trusted and reliable sources. This helps to ensure the integrity of the Defence supply chain and protects businesses from potential risks.

Competitive Edge

Finally, DISP provides businesses with a competitive edge in the Defence industry. DISP membership demonstrates a commitment to security and compliance, which can help businesses stand out from the competition and win more business from Defence.

In conclusion, DISP membership is an essential step for any business looking to work with Defence. It provides access to a range of benefits and services that help businesses understand and meet their security obligations when delivering Defence contracts and tenders. Furthermore, DISP membership is a great way to instil confidence when procuring goods and services for Defence from other industry members, and provides businesses with a competitive edge in the Defence industry.

The Defence Industry Security Program (DISP) is an Australian Government initiative that sets out the security requirements for businesses seeking to join Australia’s defence industry supply chain. In order to be eligible for DISP, businesses must meet certain prerequisites.

1. First, businesses must be registered as a legal business entity in Australia. This means they must have an Australian Business Number (ABN) or Australian Company Number (ACN).
2. Second, businesses must be financially solvent. This means they must have sufficient funds to cover all costs associated with their defence industry activities.
3. Third, businesses must have a board director or senior executive who is able to obtain an Australian security clearance and fulfil the role of Chief Security Officer. This person is responsible for ensuring that the business meets all security requirements and for reporting any security incidents or breaches to the Australian Government.
4. Fourth, businesses must have a staff member who is able to obtain an Australian security clearance and fulfil the role of Security Officer. This person is responsible for ensuring that the business meets all security requirements and for reporting any security incidents or breaches to the Australian Government.
5. Fifth, businesses must create an email address in the form of “disp@insertyourbusinessname.xxx.xx”. This email address must be used for all communication with the Australian Government regarding security requirements.
6. Sixth, businesses must satisfy Defence requirements around foreign ownership, control or influence (FOCI). This means that the business must not have any relationships with a listed terrorist organisation, any regimes subject to Australian sanctions laws, or any persons and/or entities on the Department of Foreign Affairs and Trade’s Consolidated List.
7. Finally, businesses must have an appropriate security system in place. This includes physical security measures such as locks, alarms, and CCTV, as well as personnel security measures such as background checks and security clearances.

In order to join the DISP, businesses must meet all of these prerequisites. By doing so, they will be able to access the security requirements of the Australian Government and join the defence industry supply chain.

Increasing the chances of achieving DISP membership requires a comprehensive approach to information security management. This means having the right policies, processes, and procedures in place to ensure the security of sensitive data.

To achieve DISP membership, businesses should follow these steps:

1. Ensure that you have an information security management system (ISMS) in place that meets the requirements of the ISO 27001 standard. This standard outlines the requirements for an ISMS and provides a framework for managing and protecting sensitive company information.

2. Regularly review and update your ISMS to meet the changing security landscape. This means regularly monitoring and assessing the security of your systems and data and making sure that any new risks or vulnerabilities are addressed.

3. Ensure that your staff are properly trained on information security. This includes educating them on the importance of data security, as well as teaching them how to identify potential threats and respond appropriately.

4. Ensure that you have the right security controls in place. This includes firewalls, antivirus software, encryption, access controls, and other measures to protect your data.

By following these steps, you can increase your chances of achieving DISP membership. However, it is also important to remember that DISP membership is not a guarantee of success. You may still be rejected if your security measures are not up to scratch. Therefore, it is important to make sure that you are continually improving your security measures and staying up to date with the latest developments in the security landscape. This will help to ensure that your systems and data remain secure and that you are able to meet the requirements for DISP membership.