The joint committee of public accounts and audit's (JCPAA) report on the Security of Overseas Missions, which looked at last year's findings from the Australian National Audit Office report, has put forward eight recommendations to improve DFAT's governance of post security and aspects of staff training.
"The committee has noted a number of areas in which the Department of Foreign Affairs and Trade can improve its processes for the ultimate purpose of maximising physical, operational and cyber security," committee chair senator Dean Smith said.
One of the eight recommendations has called on the Department to report back to the committee on the status of its cyber resilience and compliance with the Essential Eight – the Australian Signals Directorate's eight mitigation strategies to prevent cyber security incidents.
Cyber security training for locally engaged staff should also be mandated under another recommendation from the JCPAA and consequences for non-compliance should be "adequate" to ensure a strong security compliance culture.
The Department has also been asked to provide details on the effectiveness of the Departmental Security Framework, which is being internally audited this year, and report back on the department’s progress in implementing recommendations from previous audit and review coverage.
Other recommendations include: review current independent assurance arrangements and take action accordingly; provide further information on systems improvements to facilitate assurance that staff receive the required security training; and review the level of support provided to staff regarding post security, particularly the security training program, implementing improvements as necessary
DFAT’s diplomatic network comprises 106 posts across more than 80 countries, which are staffed by several thousand personnel.