The ATO balances compliance obligations under the Australian Government Protective Security Policy Framework with the need to evolve digital technologies. We have:
- collaborated across the organisation to deliver an enterprise approach to identity protection, scams and cybersecurity, resulting in:
- improved intelligence through the scam reporting line
- improved community awareness through the development of a tailored communication strategy
- commissioned a review of cybersecurity practices across the ATO environment to identify our current vulnerabilities and shape the future direction to protect and support our digital strategy
- delivered consolidated security assessments for ATO and whole-of-government initiatives related to our digital transformation, to ensure we adopt a secure-by-design approach and understand the residual risk
- moved online ATO security content to myATO to make it quicker and easier for staff to source information on their security obligations
- partnered with tax professional associations and software developers in the creation of the Cyber Security Working Group to promote awareness of issues and identified ways to manage the associated risks.