Incident reporting - manual form Template | September 2024–current CurrentNon-mandated Under the Information security incident reporting standard, agencies can use this template to for both immediate and low business impact reporting.
Essential Eight guideline Guideline | November 2024–current CurrentNon-mandated Providing information and advice for Queensland Government agencies to consider when assessing the implementation of policy requirement 3 of the QGEA Information security policy,
Web application security testing guideline Guideline | December 2011–current CurrentNon-mandated This guideline helps agencies ensures the confidentiality, integrity and availability of the agency data of web applications they use.
Reducing password frustration for Queensland public servants Guideline | February 2018–current CurrentNon-mandated Password frustration can be experienced by computer users who are required to remember multiple usernames and passwords, and is compounded when passwords must be changed frequently.
Deployment of intrusion detection and prevention systems guideline Guideline | September 2011–current CurrentNon-mandated To assist agencies with the development, implementation and management of IDPS, within the agency’s ICT environment
Vulnerability management guideline Guideline | July 2018–current CurrentNon-mandated This document assists agencies to meet their operational security requirements under the Information Security Policy (IS18:2018)..
ICT-as-a-service security assurance guideline Guideline | June 2016–current CurrentNon-mandated This document provides information and advice to support Queensland Government agencies in gaining adequate assurance of planned cloud and ICT as-a-service offerings through the evaluation, service integration design, contract and procurement activities.
Business continuity management and ICT disaster recovery implementation fact sheet Factsheet | October 2019–current CurrentNon-mandated In the event of a disaster, agencies must be able to function effectively and ICT is a substantial component of this.
Ransomware guideline Guideline | August 2022–current CurrentNon-mandated This guideline discusses ransomware and the Queensland Governments position against paying ransomware, and ways that agencies can protect themselves.
Incident management guideline Guideline | September 2018–current CurrentNon-mandated This guideline has been developed to help agencies to meet their information security event and incident management requirements