Defence Research, Innovation and Collaboration Security (DRICS)
Security framework for Innovation Science and Technology (IS&T) activities with external entities.More and more Defence IS&T activities are being undertaken collaboratively.
To ensure that information generated or exchanged as part of an IS&T activity is protected in accordance with Defence policy, Defence has developed the Defence Research, Innovation Collaboration Security (DRICS) Principle and Control.
The enhanced security arrangements outlined in DRICS underpin Defence's ability to safeguard sensitive research, technologies and capabilities early in and throughout research and innovation cycles.
DRICS is aligned with the Australian Government's Protective Security Policy Framework (DSPF), Defence Security Policy Framework (DSPF), and the Defence Industry Security Program (DISP). The DRICS ensures that:
- IS&T sensitivity and security risks are understood and mitigated to an appropriate level.
- Defence and national security technology edge, capability and investment are not compromised.
The DRICS Principles and Controls are applicable to all Defence Groups and Services that have IS&T activities being conducted with or by external entities.
Security requirements for Defence collaborators
Defence IS&T external entities may be required to put in place the following security arrangements:
- Membership of the Defence Industry Security Program (DISP) – External entities may be required to achieve and maintain a specified level of DISP membership and/or apply additional controls to participate in a proposed IS&T activity. The DISP specifies the security arrangements to be implemented in terms of governance, personnel, physical security and cyber security.
- Security clearances - Personnel participating in the IS&T activity may require a specified level of security clearance.
- Conflict of Interest Form (AF182) to be completed by all participants in the activity.
Overview of process
- An IS&T activity is proposed.
- Defence assesses the type, category, sensitivity or security classification and risk of any information likely to be generated or exchanged when an external IS&T activity occurs. Defence determines the proposed DISP and associated security requirements.
- Defence draws up an IS&T activity agreement, incorporating the required security measures.
- Defence consults with the external entity to assess and/or ensure that the external entity either has security arrangements in place or can meet the requirements of the stipulated arrangements before commencing the IS&T activity that requires protection.
- Defence requests all personnel working with or on behalf of the external entity being engaged to complete a Conflict of Interest form.
- Security arrangements are monitored throughout the course of the agreement.
Please send any questions regarding Defence Research, Innovation and Collaboration Security to:
Email: QEVPF.Nfx.Hf@qrsrapr.tbi.nh