Holan was engaged to review and redesign the security systems of a small Australian Government entity responsible for managing sensitive information. The engagement required a comprehensive assessment of security posture and resilience across multiple dimensions, including Systems, Personnel, Operations and the external operating environment.

The team was brought in to provide expert advice and practical assistance in conducting this in-depth analysis. Through skillful stakeholder engagement and structured methodologies, the group was able to navigate complex operational challenges, capture critical insights, and deliver a set of actionable recommendations. These outcomes not only informed the redesign of the entity’s security systems but also strengthened its overall risk management framework and enhanced its ability to safeguard information assets in alignment with government security standards.

What we delivered

Following a comprehensive risk assessment, the team identified key flaws and vulnerabilities within the entity’s existing security protocols and subsequently developed a tailored remediation plan to strengthen its overall security posture. The plan was operationalised in close collaboration with the entity, ensuring that enhancements were both practical and sustainable. This process modernised core systems, reinforced internal controls, and aligned security practices with the requirements of the Protective Security Policy Framework (PSPF) and the Information Security Manual (ISM).

Key deliverables under the remediation plan included:

• New policies, providing clear guidance on protective security obligations and compliance expectations;
• Procedures, establishing consistent practices for day-to-day security management;
• Governance frameworks, to ensure effective oversight, accountability, and continuous improvement;
• Incident and asset registers, improving visibility and traceability of security events and critical resources; and
• Targeted protective security training, equipping staff with the knowledge and capability to manage risks effectively.

Through this structured approach, the entity achieved a significant uplift in its security maturity, with strengthened resilience against both internal and external threats and improved assurance over the protection of sensitive information assets.

Outcome

The team successfully delivered a significant uplift in the entity’s security posture, achieving enhanced compliance with government security requirements, strengthened operational resilience, and improved alignment with best practice standards. In addition, a culture of accountability and continuous improvement was embedded across the workforce, ensuring that security was not only reinforced at a systems and procedural level but also embraced as a core organisational value.

Your Security System requires continual review and update to keep aligned to the operating environment and emerging risks. Bringing external experts in to provide you independent advice allows for modern practices to be established and insight from broad experience. We work collaborate with your team, who know your business and operating environment best, to build fit-for-purpose Security Systems.