Queensland Government executives are responsible for establishing strategic and operational risk management arrangements that address cyber threats to portfolio service delivery and are accountable for attesting to the cyber security posture of their organisation.
Integrating security risks from an ISMS into corporate governance and risk management systems is a fundamental part of the Queensland Government Information security policy (IS18). IS18 is supported by a range of better practice resources that can help executives understand their obligations and ensure cyber risks are managed appropriately. It is important that executives understand the critical information assets their business holds and the impact to the business if they were to be compromised, obtaining appropriate cyber security assurance, and ensuring adequate preparedness in the event of a cyber security incident.
This policy states the Queensland Government’s position on using DeepSeek on government systems and devices.
Identifying and managing risks to information, applications and technologies, through their lifecycle, using Information Security Management Systems.
The purpose of this policy is to help departments manage the risks associated with the TikTok application and provide consistency with the federal government policy.
For further advice on mandatory directions within the QGEA, see the other categories or search the full list of digital policies, standards and guidelines.