Australian Government Architecture
Search

Type

Policy

Reference

.

Applicable from

13 Jun 2023

Mandate

Endorsed

Status

Core

Responsible agency

Digital Transformation Agency

Hosting policy

This policy describes the requirements for entities planning digital investments involving hosting. It refers to the facilities that will host government data and systems internally, on premises, or externally, on cloud. 

Applicability

Digital investment proposals are assessed against this policy by the DTA through the Digital and ICT Investment Oversight Framework (IOF).

Commonwealth entities are encouraged to apply this policy to all digital investments.

Policy

  • Ensure the secure hosting of security-classified government information and data using certified services and associated infrastructure by applying the Hosting Certification Framework (HCF).

  • Assess data and hosting sensitivities to ensure the suitability of hosting providers.

Capabilities

This policy includes requirements that relate to the following capability.
CAP28

Hosting

Strategies

This policy supports the following strategies.
STR11

Secure Cloud Strategy

Standards

The following standards show what to do to satisfy this policy.

Hosting Certification Framework

STA26
The Hosting Certification Framework provides guidance to Australian Government customers enabling them to identify and source hosting services that meet enhanced privacy, sovereignty, and security requirements.  Certification under the Framework ensures Service Providers are offering secureā€¦
Was this information helpful?

Do not include any personal information. We are unable to respond to comments or feedback. If you would like a response, please email, or phone us. Our details are on the AGA contact page www.architecture.digital.gov.au/contact-us.