Cabinet has directed all NSW Government agencies to increase IT security spending in a bid to safeguard information systems and have uniform standards in place by the end of 2002.
The Premier's Department directive also instructs agencies to appoint a dedicated IT security manager and the Department of Information Technology and Management is establishing a program to undertake penetration testing of agencies' IT systems.
NSW Government IT staff who spoke to Computerworld said some agencies are appointing IT security managers from within their organisations while others will be recruiting externally in the new financial year.
He said additional funding hasn't been made available for the project but spending was redirected to accommodate the new security measures.
According to the circular distributed to all NSW Government chief executives, agencies must have their IT systems certified to the national standard AS/NZS 4444 and reviews will be undertaken annually until 2004 to ensure systems are compliant.
90East will be providing consultancy services for the project to help agencies comply and the Government is also developing online reporting arrangements for agencies to report on their progress.
90East principal consultant Ajoy Ghosh said a standard product dubbed 'security scorecard' is being used to identify gaps and formulate planning to meet all the requirements outlined in the Premier Department's Circular no. 2001 - 46.