What does information classification mean for IRAP?

The classification of information a system will handle is determined by the government agency that owns it, not the service provider. The information classification must be confirmed before any scoping decision is made. The ISM control set is the same at OFFICIAL: Sensitive and PROTECTED. What differs are the physical security, personnel clearance, and network transmission obligations under the PSPF. Getting the classification wrong at the start means the assessment scope is wrong, and the work may need to be redone.


Stackform’s journey

Stackform had confirmed the obligation and understood what the process would produce. The next question Cybernion asked James was: what classification level has the agency assigned to the information the platform will handle?

Stackform’s assessment needed to cover the SaaS layer specifically, with reference to the cloud provider’s existing assessment for the infrastructure layer beneath it. The cloud provider’s report did not remove that obligation. It informed how Stackform’s assessment would be scoped.

What does information classification mean for IRAP?

The Protective Security Policy Framework (PSPF) defines four classification levels:

  1. OFFICIAL: Sensitive
  2. PROTECTED
  3. SECRET
  4. TOP SECRET

Classification is the agency’s decision, not the service provider’s

In Australia, the information classification is determined by the agency that owns the information. A service provider does not classify the information it handles on behalf of a government agency.

If there is any uncertainty about what classification applies, that conversation must happen with the agency before scoping an assessment. An assessment scoped at OFFICIAL: Sensitive for a system that should have been assessed at PROTECTED will need to be redone.

The agency confirmed Stackform’s information was classified OFFICIAL: Sensitive. Had it been PROTECTED, the preparation timeline, cost, and physical infrastructure requirements would have been substantially different.

The ISM controls are the same across both classification levels

A common misconception is that PROTECTED systems are assessed against a larger or more demanding set of ISM controls than OFFICIAL: Sensitive systems. The ISM control set applicable to both classification levels is the same. The Cloud Controls Matrix (CCM) published by ASD confirms that controls applicable at OFFICIAL: Sensitive are equally applicable at PROTECTED.

The differences between an OFFICIAL: Sensitive assessment and a PROTECTED assessment are not in the ISM control framework. They are in the physical, personnel, and network security obligations mandated by the PSPF, all of which sit within the scope of an IRAP assessment.

Physical security

OFFICIAL: Sensitive systems can operate in a Zone One or Zone Two security area with a standard lockable commercial cabinet. PROTECTED systems require a Zone Four or Zone Five security area with a SCEC-endorsed Class C security container.

Commercial organisations providing services to government contractually inherit these physical security requirements. Meeting PROTECTED physical security obligations is a significant undertaking and should be scoped and costed before an assessment begins.

A commercial provider without established government facility arrangements that discovers mid-assessment that PROTECTED physical security is required will face delays that could have been avoided.

Personnel clearances

Access to OFFICIAL: Sensitive information requires an employment screening check. Ongoing access to a PROTECTED system requires a Baseline security clearance issued by the Australian Government Security Vetting Agency (AGSVA).

Obtaining security clearances can take weeks to months depending on personal circumstances and AGSVA’s backlog at the time of application. Starting the clearance process early, before the assessment begins, avoids it becoming a critical path issue.

Network and transmission

The PSPF requires PROTECTED information to be transmitted over a PROTECTED or higher network. OFFICIAL: Sensitive information requires an OFFICIAL: Sensitive or higher network. The controls required to meet PROTECTED network obligations are materially more complex and expensive to implement than those for OFFICIAL: Sensitive.

The system authoriser applies greater scrutiny at PROTECTED

The system authoriser reviewing a PROTECTED assessment report will apply greater scrutiny to residual risks than for an OFFICIAL: Sensitive system. The authorisation decision is harder to obtain and the consequences of a finding are more significant. This is not a difference in the assessment framework. It is a practical reality of how authorising officers approach higher classification systems.

SECRET systems

For completeness, SECRET systems within an organisation’s own on-premises environment can be assessed by either an entity assessor or an IRAP assessor. SECRET outsourced IT systems and cloud services require an IRAP assessor. The PSPF obligations for SECRET systems are substantially more demanding than PROTECTED across physical security, personnel clearances, and network requirements. TOP SECRET systems are assessed exclusively by ASD.

What this meant for Stackform

The OFFICIAL: Sensitive confirmation simplified Stackform’s preparation considerably. The physical security, personnel clearance, and network requirements were achievable within the existing operating environment without significant infrastructure investment. Had the data been classified PROTECTED, the conversation with James would have started with a facilities and staffing assessment before any ISM controls work began.

With classification confirmed, the next step was defining exactly which parts of Stackform’s environment would be included in the assessment. Drawing that boundary correctly is one of the most consequential decisions in the entire process.

We cover that in How to define IRAP Assessment Boundary.


Frequently Asked Questions (FAQs)

Who decides what classification applies to the data our system will handle?

The government agency that owns the data decides, under the PSPF. A service provider does not classify data on behalf of an agency. If there is any uncertainty, that question must be resolved with the agency before scoping begins.

Are the ISM controls different for PROTECTED versus OFFICIAL: Sensitive?

No. The ISM control set is the same at both classification levels. The differences are in the physical security, personnel clearance, and network obligations set out in the PSPF, all of which fall within the scope of an IRAP assessment.

What physical security does a PROTECTED system require?

A Zone Four or Zone Five security area with a SCEC-endorsed Class C security container. OFFICIAL: Sensitive systems require a Zone One or Zone Two security area with a standard lockable commercial cabinet. The gap between the two is significant for commercial providers without established government facility arrangements.

Do our staff need security clearances?

Access to OFFICIAL: Sensitive information requires an employment screening check. Ongoing access to a PROTECTED system requires a Baseline security clearance issued by AGSVA. Clearances can take weeks to months to obtain. Starting the process before the assessment begins avoids it becoming a critical path issue.

Does the classification level affect how hard it is to get authorisation?

Yes, in practice. The ISM framework and the assessment process are the same. However, authorising officers apply greater scrutiny to residual risks on PROTECTED systems, and the consequences of an unresolved finding carry more weight. The authorisation decision is harder to obtain at PROTECTED.


Sources:

  1. ASD IRAP Consumer Guide, July 2025
  2. ASD Cloud Controls Matrix, Latest version
  3. Australian Government Security Classification System and Requirement 0109, PSPF 2025

The names of the organisations and individuals have been changed to protect their privacy. The situations described are based on real patterns observed across Australian government and enterprise environments.

Last updated: 05 June, 2026
