Planning for Quantum Computing impacts on encryption factsheet Factsheet | August 2025–current CurrentNon-mandated Quantum computing is poised to disrupt traditional encryption methods, posing significant risks to data security. See how to start planning now for the upcoming transition to post-quantum cryptography.
Incident management guideline Guideline | July 2025–current CurrentNon-mandated This guideline has been developed to help agencies to meet their information security event and incident management requirements
Information security annual return Template | June 2025–current CurrentNon-mandated Information security annual return
Cybersecurity insurance for Queensland Government agencies Guideline | December 2019–current CurrentNon-mandated Agencies participating in the Queensland Government Insurance Fund are covered for damage from cyber events.
Information security classification controls guideline Guideline | January 2025–current CurrentNon-mandated The Information Security Classification Controls Guideline provides practical controls guidance to agencies on information security controls to apply to their information according to business impact level (BIL).
Cyber workforce strategic plan Strategy | July 2025–current CurrentNon-mandated Find how our vision and steps we are taking will address the critical cyber workforce challenges.
Vulnerability management guideline Guideline | February 2025–current CurrentNon-mandated This document assists agencies to meet their operational security requirements under the Information and cyber security policy (IS18)
QGAF templates Template | August 2017–current CurrentNon-mandated Queensland Government Authentication Framework templates
Reducing password frustration guideline Guideline | January 2025–current CurrentNon-mandated Password frustration can be experienced by computer users who are required to remember multiple usernames and passwords, and is compounded when passwords must be changed frequently.
Email domain security guideline Guideline | July 2025–current CurrentNon-mandated Providing information and advice covering the topic of email domain security and email authentication technologies and specifically DMARC and related technical standards.