ICT asset disaster recovery planning guideline Guideline | November 2010–current CurrentNon-mandated This guideline has been developed for agencies to use when documenting their ICT asset disaster recovery (DR) arrangements
Incident reporting - manual form Template | September 2024–current CurrentNon-mandated Under the Information security incident reporting standard, agencies can use this template to for both immediate and low business impact reporting.
Essential Eight guideline Guideline | November 2024–current CurrentNon-mandated Providing information and advice for Queensland Government agencies to consider when assessing the implementation of policy requirement 3 of the QGEA Information security policy,
Web application security testing guideline Guideline | December 2011–current CurrentNon-mandated This guideline helps agencies ensures the confidentiality, integrity and availability of the agency data of web applications they use.
Information security assurance and classification guideline Guideline | July 2018–current CurrentNon-mandated Provides advice about the quantity and quality of information security assurance that is reasonable regarding the security of information at differing business impact levels.
Executive guide to security incident management Guideline | October 2017–current CurrentNon-mandated This short guideline aims to assist senior executives during the information security incident management cycle.
Incident management guideline Guideline | September 2018–current CurrentNon-mandated This guideline has been developed to help agencies to meet their information security event and incident management requirements
Business continuity management and ICT disaster recovery implementation fact sheet Factsheet | October 2019–current CurrentNon-mandated In the event of a disaster, agencies must be able to function effectively and ICT is a substantial component of this.
Deployment of intrusion detection and prevention systems guideline Guideline | September 2011–current CurrentNon-mandated To assist agencies with the development, implementation and management of IDPS, within the agency’s ICT environment
Vocabulary for event recording and incident sharing framework overview Guideline | September 2024–current CurrentNon-mandated The VERIS framework is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner