Australian Government Architecture
Permissions

Definition

Permissions provide the ability to evaluate, record, and access information identifying the right of an individual or entity to use, access, or do something, be something, or have something. 

Permissions are crucial for ensuring that government services and resources are allocated and accessed appropriately, transparently and securely. 

A permissions capability includes technology, people, processes, and enablers such as business design, service models, and governance.

Certain permissions can result in the provision of an entitlement. The definition, scope and process of granting entitlements are addressed within the Entitlements capability.

Purpose

Permission management, whether as a distinct system or as a functional component of a broader system, is essential for evaluating, recording and accessing the rights of an individual or organisation.

A mature permission capability will grant permissions only to those who are entitled to them and enable those granting the permissions to do so in a secure and efficient manner.

Suitable handling of permissions is realised through:

  • evaluating, accessing information, and capturing the right of an individual or entity to use, access, or do something, be something, or have something
  • allowing or restricting permission, internally and externally, in a controlled manner and on a needs-basis
  • functioning as part of a suite of capabilities within the Cyber Security domain, integrating with other systems to or within which permissions are being granted.

Objective

The objectives of this content are to:

  • identify, consolidate, and standardise permissions approaches, especially those with complementary systems functionality, to increase efficiency and reduce the complexity of government service delivery
  • enhance customer experience for individuals and business when they engage with government
  • establish and implement consistent standards or designs where entity solutions require permissions
  • ensure that new application solutions draw security efficiency from preceding investments, implementations, and learnings to maximise re-use and minimise risk.

Whole-of-government applicability

Permissions have broad applicability in delivering services such as payments, grants, visas, and permits where there is a need to ensure:

  • consistent, effective, and efficient processing, workflow, approvals, and decision functionality for entities responsible for issuing permissions
  • a customer-centric focus, ensuring simple and appropriate, yet robust management of permissions that suits the unique context of the system and its data and security needs
  • use of proven permissions designs, development approaches, and lessons learned, including approaches that assist APS skills development, remove design development complexity, and directly leverage available expertise.

The Data and Digital Government Strategy and Implementation Plan impose obligations on the APS for the provisioning of permissions through:

  • Delivering for all people and business: To embed inclusion and accessibility
  • Simple and seamless services: To be digital by design
  • Trusted and secure: To build and maintain trust.

Domains

This capability is part of the following domain.
DOM3

Government service delivery

Policies

The following policies have requirements that impact this capability.
Mandate: Endorsed
Status: Core
The permissions policy is essential for evaluating and recording who can access specific government information, systems or resources, and enabling access to users according to their granted permissions.

Applicability: Digital investment proposals are assessed against this policy by the DTA…

Standards

The following standards support development of digital solutions in this capability.
Permissions systems facilitate efficiency, consistency and a seamless workflow across entities responsible for secure access. Unique business needs and governance requirements will dictate solution selection, design and implementation. The considerations outlined in this standard are intended to…

Designs

The following designs include examples of how digital solutions in this capability can be delivered.

Lead Agency: Australian Taxation Office

Technology Type: Nuance

The Australian Taxation Office (ATO) has implemented a user-centric voice biometric solution that confirms a person’s identity by matching their voice characteristics to a stored voiceprint. People can be authenticated using their voice across multiple channels, including the ATO app and over the…

Lead Agency: Comcare

Technology Type: Microsoft Dynamics 365

Integrated Regulatory Information System (IRIS) is the primary application used by Comcare’s Regulatory Operations Group for various regulatory licensing, monitoring, compliance, and investigation tasks. It is a central, organised, easy-to-access place to store data about notifications (work health…

Lead Agency: AusTender

The Contractor Reporting, Integrity Information Solution (CRIIS) will enhance transparency in Government contingent workforce processes and support the engagement of temporary workers.

Strategic Alignment

Digital solutions in this capability can support the following strategies.

2023-2030 Australian Cyber Security Strategy
