Information security classification is crucial for ensuring the secure information handling, storage, and sharing. Within the Department of Education, every piece of information is evaluated for sensitivity and classified accordingly. This classification guides us in managing information and protecting it from unauthorised use, modification, disclosure, or loss. Proper classification not only safeguards the integrity of our information but also ensures we comply with state and federal legislation.
Supported classifications on the Developer Portal
Our Developer Portal is designed to facilitate collaboration and information sharing within our community. However, it’s essential to note that the portal supports only up to the SENSITIVE classification level. PROTECTED information, which includes highly sensitive data, is not permitted on the portal.
Here’s a breakdown of the classifications we support:
-
OFFICIAL:
The Developer Portal is a departmental initiative, classified as an OFFICIAL source for information and collaboration. It offers a wide range of content, including recommendations, best practices, trend alerts, opinions, tips, and ideas, all shared in the spirit of collaboration. -
OFFICIAL Standards:
The ‘Standards’ tag is used to highlight departmental standards, policies, and guidelines. Only department staff can create OFFICIAL posts with this tag. However, these posts are typically accessible to everyone, including guests, ensuring critical information is widely available. -
SENSITIVE:
This classification applies to information with a medium level of sensitivity, accessible only to authorised personnel on a need-to-know basis. SENSITIVE posts on the portal are restricted to departmental staff, helping protect information that could cause limited harm to individuals or the department if improperly disclosed.
Moderation and specialist review
All submissions to the Developer Portal, regardless of classification, will be strictly moderated, to ensure they meet our quality and privacy standards. Additionally, posts containing specialist information, such as cyber security, information security, and enterprise architecture, may be subject to further review by departmental subject matter experts before being published. This ensures that all content is accurate, relevant, and appropriately handled according to its classification.
Key points to remember
- OFFICIAL Accessible to all users, suitable for community discussions and developer collaboration.
- OFFICIAL Standards Restricted to departmental standards, posted only by approved Government staff. Typically available to all Developer Portal users.
- SENSITIVE Accessible to departmental staff only, requiring extra care in handling.
- PROTECTED Not supported on the Developer Portal.
- Moderation All content is moderated before publication, regardless of classification.
By adhering to these classifications and processes, we can ensure that all information shared here is appropriate for its intended audience and securely managed.
Further reading:
- Information security classification framework (QGISCF), February 2020.
- Information security classification, Department of Education (Staff login required), April 2023.