Direct link: architecture.digital.gov.au/secure-cloud-strategy-pdf
Responsible agency: Department of Home Affairs
Last updated: 2021
Whilst still currently in effect, the Strategy is considered in a “Contain” status pending future updates or replacement.
The Secure Cloud Strategy guides entities beyond their current business restrictions and to move towards a more agile method of service improvement. It guides entities to address capability shortcomings, confusion around security requirements, and conflicting organisation-specific information and communications technology policies.
Alongside the Protective Security Policy Framework and Information Security Manual, the Secure Cloud Strategy provides the requirements and security controls for cloud consumers to use in the assessment of cloud service providers, its cloud services, and a cloud consumer’s own systems.
The strategy sets direction for Non-corporate Commonwealth entities preparing for the shift to cloud or undergoing the transition to cloud.
It is encouraged that other government entities (local, state, or territory) or Corporate Commonwealth entities use this strategy in the assessment of cloud service providers, cloud services, and a cloud consumer’s own systems.