2.1
In undertaking its review of the administration of the intelligence agencies for the 2014–15 financial year, the Committee asked agencies to provide submissions addressing:
strategic direction and priorities,
legislative changes (if any) that have impacted on administration,
involvement (if any) in litigation matters,
human resource management,
changes (if any) to the structure of the organisation,
public relations and/or public reporting, and
performance management and accountability.
2.2
In their submissions, agencies outlined significant developments and relevant aspects of administration for 2014–15. Much of the evidence received was classified, however, and accordingly has not been authorised for publication. The Committee scrutinised all material provided and followed up several issues at classified hearings. This chapter reports the Committee’s findings on administration of the agencies. In some areas the discussion is necessarily general due to security needs.
Legislative changes
2.3
During the reporting period, the Committee conducted four inquiries into bills that affected the operations of the AIC agencies. Agencies provided submissions to and appeared at public and private hearings for the Committee’s inquiry into each Bill.
2.4
Following consideration of the Committee’s reports, the Parliament passed each bill with amendments and the bills received Royal Assent on the dates noted below:
National Security Legislation Amendment Act (No. 1) 2014
(Royal Assent on 2 October 2014)
Counter-Terrorism Legislation Amendment (Foreign Fighters) Act 2014 (Royal Assent on 3 November 2014)
Counter-Terrorism Legislation Amendment Act (No. 1) 2014
(Royal Assent on 12 December 2014)
Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015
(Royal Assent on 13 April 2015, with the implementation phase to commence outside the reporting period on 13 October 2015).
2.5
In addition to these legislative amendments, in August 2014 the Government announced a cross-agency funding package to support counter-terrorism measures. Chapter 3 outlines the additional funding received by ASIO, ASIS and ONA. In relation to these matters, ASIS commented that
this new funding means additional resources to enable staff and capability to be deployed against the terrorism threat. This was complemented with a raft of legislative changes to modernise the Intelligence Services Act 2001 (ISA) to ensure agencies, including ASIS, can be effective and flexible in their response.
2.6
Agencies reported on the effect of legislative changes in their submissions.
2.7
Agencies also noted their contribution to development of the legislation. ASIO, for example, stated that it had played a key role in collaboration with the Attorney-General’s Department and other agencies in the development of legislation during the reporting period.
2.8
In commenting on the impact of the changes, ASIO stated that the National Security Legislation Amendment Act (No. 1) 2014 had improved the legislative framework governing Australia’s intelligence agencies through addressing identified problems, introducing new powers, modernising certain provisions, and enhancing cooperation.
2.9
ASIO went on to outline work that had been undertaken to implement the legislative reforms, including ‘internal training, policy formulation, development of internal fact sheets and frequently asked questions, updating existing warrant templates and the establishment of new warrant templates’.
2.10
In addition, ASIO noted its involvement in:
development of draft legislation to amend the Telecommunications Act 1997 and related legislation, to introduce a regulatory framework to better manage national security risks to Australia’s telecommunications services and networks, and
amendments to state and territory legislation in relation to information security, consistent with the recommendations of the Joint Commonwealth–New South Wales review of the Martin Place siege.
2.11
AGO noted that amendments to the IS Act through the National Security Legislation Amendment Act (No. 1) 2014 had removed any doubt that AGO is enabled to provide Commonwealth and State authorities, and other approved bodies, assistance in relation to:
the production and use of geospatial products, and
the use and application of specialised imagery and geospatial technology, including web-based services.
2.12
Agencies commented on work that had been done to implement the Public Governance, Performance and Accountability Act 2013 (PGPA Act), which came into effect on 1 July 2014. In ONA, for example, this included revision of all corporate governance documentation, financial delegations and its risk-management framework; preparation of a corporate plan outlining strategic direction, performance evaluation and reporting against outcomes; and delegate and staff training.
2.13
ONA advised that its administration was affected by amendments to the IS Act, the PGPA Act, a determination amending the PGPA Act and subsequent amendments to the Office of National Assessments Act 1977. In summary:
amendments to the IS Act clarified and strengthened the protection of sensitive information obtained while working for ONA and closed a gap in the legislation covering unauthorised access to and communication of sensitive information produced by ONA or within the AIC,
the PGPA Act imposed a more direct and increased responsibility on ONA’s Director-General to achieve the purpose of ONA and ensure the sustainability of the agency, and
under a determination made under Section 105D of the PGPA Act, ONA’s classified annual report and corporate plan and its audited financial statements will not be tabled in Parliament, but submitted to the Prime Minister and IGIS, and made available to other Ministers as required.
2.14
ASIS similarly noted the significance to that agency of determinations made under section 105D of the PGPA Act.
2.15
The Public Interest Disclosure Act 2013 requires the intelligence agencies to submit an annual report to the IGIS on the number of disclosures received each year and how they are managed. For 2014–15, ONA submitted a nil return, AGO submitted a nil return, and ASIO reported three disclosures to the IGIS.
2.16
In evidence to the Committee about amendments to the IS Act, one agency argued that a comprehensive review of the Act is needed:
[W]e have now got to the point where we believe that those recent amendments, whilst they have helped, are not enough. The ISA, which was drafted some 15 years ago in a very different time—the pre-CT era in particular—is now outdated and, I would argue, no longer fit for purpose. Ultimately, I think we need to consider a review of national security legislation and the Intelligence Services Act in particular.
2.17
The agency explained this further:
Whilst the basic foundations of the act are sound, it was created in the late 1990s at a time when we were dealing with very different issues. It was coming out of the end of the Cold War—you are quite right—and we did not have counter-terrorism or terrorism issues as a major concern. There were not the people-smuggling issues. … We never thought we would have Australians involved in acts against our country, against our government, and that we would have to collect against them. … We did not foresee what we were going to encounter with terrorism …
The act was also created at a time when it was state-to-state threats. Now there are lots of non-state actors, and we need to work with a whole range of different groups. The act does not facilitate that in an easy form.
Litigation
2.18
ASIO provided advice about the number of litigation matters it was involved in during 2014–15, which included terrorism prosecutions and judicial and administrative reviews of ASIO Security Assessments. The Administrative Appeals Tribunal (AAT) reviewed and affirmed 11 of ASIO’s security assessments, primarily relating to passport cancellations.
2.19
ASIS was involved in several litigation matters in 2014–15. The agency continued to work with the National Archives of Australia on claims for access to classified ASIS material and, in one ongoing case from 2013, pursued protection of sensitive information in the Federal Court of Australia.
2.20
ASD was not involved in any litigation matters in 2014–15, but provided ad‑hoc advice to other AIC agencies on records subject to AAT cases.
2.21
During the reporting period, DIO assisted the Commonwealth Director of Public Prosecutions with the prosecution of a former Defence employee who had allegedly removed a DIO intelligence product from a secure Defence network and subsequently posted parts of it online. DIO advised that it examined and exempted elements of ongoing national security concern from the evidence used in this case and provided affidavits to the court as an expert witness. Sentencing occurred in the ACT Supreme Court in November 2015.
Use of ASIO’s special powers
2.22
ASIO reports each year on its special powers under the Australian Security Intelligence Organisation Act 1979 (ASIO Act) and the Telecommunications (Interception and Access) Act 1979 to use specific methods of investigation, which include telecommunications interception and access; use of surveillance devices; entry and search of premises; computer access; and the examination of postal and delivery service articles. The use of these powers is subject to a warrant approved by the Attorney-General.
2.23
Further, the ASIO Act enables ASIO, with the Attorney-General’s consent, to seek warrants from an independent issuing authority (a federal magistrate or judge) for questioning, or questioning and detention, of individuals.
2.24
The number of warrants approved by the Attorney-General in 2014–15 is classified and cannot be reported by the Committee. However, the Committee notes there has been an increase in the number of warrants sought and issued. No administrative issues were brought to the Committee’s attention concerning these warrants.
Strategic direction and organisational structure
2.25
The Committee requested agencies to report on their organisation’s strategic direction and priorities, and a summary is provided below.
ASIO
2.26
ASIO noted that its strategic direction is set by ASIO’s Executive Board and is reflected in the allocation of resources across ASIO’s activities. ASIO’s Strategic Plan 2013–16 guided its activities in the reporting period, with ASIO focused on the following goals:
managing risk in a constantly evolving security environment, and
attracting, developing and retaining a professional and highly competent workforce.
2.27
ASIO noted that it had received additional resources during the reporting period for recruitment activities.
2.28
ASIO’s structure remained mostly unchanged through 2014–15. The Committee notes however that the structure was reviewed in this period with a restructure implemented in August 2015. ASIO provided additional information during the private hearing.
ONA
2.29
ONA restructured its analytic branches in 2014–15, resulting in a reduction of the total number of branches from ten to nine. As in previous years, ONA was led by its Director-General, supported by two Deputy Director-Generals, and maintained liaison offices in Washington and London.
2.30
ONA developed a new corporate plan for the period 2015–19, with a number of enduring priorities as well as specific priorities for 2015–16.
ASIS
2.31
There were a number of changes to ASIS’s organisational structure during 2015 to realise its future operating model. ASIS explained this in more detail to the Committee during the private hearing.
Defence Intelligence Agencies
2.32
In 2014–15, the Defence Intelligence Agencies (DIAs) contributed to the development of the next Defence White paper, the Force Structure Review and the First Principles Review of Defence. The First Principles Review was released on 1 April 2015, with Defence White paper released outside the reporting period on 25 February 2016.
2.33
In evidence to the Committee, the Deputy Secretary of the Department of Defence noted that the recommendations of the First Principles Review included establishment of a strategic policy and intelligence group that combined elements of former strategic and capability groups and the three Defence intelligence agencies. The Deputy Secretary explained that the intention of this recommendation was not to merge the Department’s policy and intelligence functions, but to ‘enrich policy advice and capability contestability and ensure the intelligence produced is relevant to the priorities of policy makers’. In particular, ‘[t]he authority and relative autonomy of the heads of the three intelligence agencies remains in regard to their mandate to provide independent assessments’. The group commenced outside the reporting period on 8 February 2016.
2.34
With regard to the Defence White paper, the Deputy Secretary noted that
[t]he defence intelligence agencies will benefit from substantial investment in modernised intelligence systems, including in particular the areas of signals intelligence, geospatial intelligence and cyber operations as well as all-source assessment.
2.35
The integrated investment program released with the White paper included funding for signals intelligence collection and processing, imagery collection, cyber capabilities and investment in information and communications technology (ICT) systems. More detail on this funding is provided in Chapter 3. In addition, the White paper allocated 800 new APS positions to intelligence related capabilities over the decade to 2025–26.
2.36
The Deputy Secretary stated that:
Recruiting and retaining the skills we need will be one of our major challenges and the defence white paper represents an enduring investment in defence intelligence that will ensure the three intelligence agencies have the resources and personnel to continue to provide government with timely, relevant intelligence advice.
2.37
ASD reported that outcomes from the First Principles Review ‘of greatest relevance to ASD will be the introduction of the new Deputy Secretary of Policy and Intelligence and fundamental changes to the capability development life-cycle’.
2.38
ASD noted that it launched a strategic plan in March 2015, setting the organisation’s priorities and goals for the next five years, and that, consistent with the strategic plan and the broader First Principles Review, it was currently reviewing its people and cultural reform strategies. ASD provided the Committee with further detail about its key goals and strategies during the private hearing.
2.39
ASD commented that its strategic direction and priorities ensure that
it is well positioned to meet government requirements for signals intelligence information security and coordination of TOP SECRET Information and Communication Technology (ICT) systems.
2.40
ASD’s structure underwent minimal change in the reporting period.
2.41
AGO released its AGO Strategy 2014–18 in December 2013, which defined three strategic goals to achieve a vision of ‘Richer and More Accessible GEOINT [geospatial intelligence]’. AGO continued through the reporting period to implement the Strategy’s five year Capability Improvement Program, with 41 percent of the Program achieved at 30 June 2015.
2.42
DIO reported on its strategic plan and implementation of a new organisational structure in late 2014 to better align its structure with analytical priorities.
Pathway to Change
2.43
The Pathway to Change: Evolving Defence Culture and Employment Pathways for APS Women in the Department of Defence (Pathway to Change) strategy was announced in March 2012 in response to a number of reviews into Defence culture. The strategy aims to ‘shape Defence’s attitudes, systems and behaviours to improve capability and ensure the continued support of the Australian public’. Each of the DIAs updated the Committee on their activities under the Pathway to Change strategy during 2014–15.
2.44
During the reporting period, the DIAs worked with the Chief Information Officer Group in Defence to ‘further embed a strong mentoring culture by consolidating existing mentoring programs and providing parenting outreach sessions’.
2.45
Specific activities undertaken by ASD during the year included hosting a ‘women in leadership’ event for staff across the intelligence and security group, coordinating and running a pilot Women in Leadership course, and hosting an International Women’s Day event where inaugural ASD International Women’s Day awards were presented.
2.46
Further, ASD advised that it is
conducting a review into the adoption of Pathway to Change initiatives within the organisation, with the aim of linking activities to the new ASD Strategic Plan, ensuring the Pathway to Change attitude is embedded into our corporate culture.
2.47
AGO’s Pathway to Change initiatives reported in 2013–14 continued this year and included ongoing support for the AGO mentoring program; promoting online courses for the joint mentoring program; improving the accessibility of its mentoring program resources; reporting on Pathway to Change activities and events in internal publications; expanding attendance of staff at women’s networking events; and staff participation in outreach sessions.
2.48
AGO reported that it is
currently transforming the way it does business through the [Capability Improvement Program], with a strong focus on staff support and development. Together the [Capability Improvement Program] and the Pathway to Change program will deliver significant cultural change within AGO.
Human resource management
2.49
The Committee requested agencies to provide an update on human resource management, including information on the following issues:
recruitment and retention strategies,
training and development,
2.50
Information provided to the Committee regarding each agency’s staffing arrangements was largely classified. Nevertheless, where possible, human resource management issues relating to each agency are discussed below.
Staffing demographics
2.51
As at 30 June 2015, ASIO had 1829 staff, up from 1795 a year earlier. This included 49 Senior Executive Service (SES) officers, 499 ASIO Executive Officer 1, 2 and 3 officers and 1281 other officers. 809 officers (44 per cent) were women; 109 came from a non-English speaking background; nine identified as Aboriginal or Torres Strait Islander; and 20 had a disability. 1254 (69 per cent) of ASIO’s officers were engaged in operational and intelligence-focused functions, with the remaining 575 officers engaged in enabling functions (corporate, information technology and public research). More than two thirds of staff had lengths of service of more than five years, and 25 per cent more than ten years.
2.52
ONA had 136 employees at 30 June 2015 (excluding the Director-General), down from 146 on 30 June 2014 and 153 a year earlier. The 136 staff members included 6 non-ongoing staff (down from 20 a year earlier), 20 part-time staff (up from 15 a year earlier) and four overseas-based staff (down from seven a year earlier). Approximately 41 per cent of ONA staff were women. 30 per cent of staff were under 35 years old, and 18 per cent were over 55 years old. One staff member was identified as having a disability.
2.53
Staffing demographics information provided by the DIAs was given classifications or Dissemination Limiting Markers, and cannot be published in this report. Broadly speaking, however, the numbers of civilian staff were lower at 30 June 2015 than the previous year across the agencies, partially offset by higher numbers of Australian Defence Force (ADF) staff.
Recruitment and retention strategies
2.54
ASIO reported that the additional funding it had received through the ‘Enhance Security Intelligence Capabilities to Counter the Islamist Terrorism Threat’ measure announced in August 2014 (see discussion in Chapter 3) resulted in ‘a shift in ASIO’s people strategy from a focus on reducing and consolidating, to one of expanding capabilities and growth’. ASIO completed 153 recruitment activities in 2014–15, including 73 technical and ICT activities, up from 35 the previous year.
2.55
ASIO advised that its recruitment during 2014–15 had focused on the ‘difficult to fill’ roles of intelligence officers, technical officers and ICT positions. ASIO’s expenditure on recruitment advertising for these roles increased from $599 739 in 2013–14 to $871 902 in 2014–15. This increase was attributed to greater participation in university career fairs and a national recruitment awareness campaign associated with the establishment of an online employment register during the year. ASIO attended 20 university career fairs nationally and conducted information sessions for targeted disciplines at a number of universities. As at 30 June 2015, over 4900 expressions of interest in ongoing employment opportunities at ASIO had been lodged using the register.
2.56
ASIO established a recruitment agency panel during 2014–15 to ‘provide talent sourcing expertise, increase screening capacity and as part of improving the first phase of the recruitment process’. A review of the panel arrangement at the end of 2014–15 identified ‘greater efficiency and effectiveness’ in recruitment of technical and ICT candidates and a ‘substantial increase in capacity’. In 2014–15, 21 per cent of candidates for technical and ICT job families were found suitable, compared to nine per cent in the previous year. This increase in the selection of suitable targets was also observed across other job families, and there was a reduction in the number of candidates withdrawing prior to vetting from 48 in 2013–14 to 26 in 2014–15.
2.57
At a private hearing, ASIO expanded on these initiatives and also referred to its efforts to tap into new recruitment markets, including a recent high‑profile campaign to recruit tradesmen and tradeswomen.
2.58
ASIS continued its three-tier approach to recruiting intelligence officers, graduates and technologists in 2014–15. ASIS engaged an external provider to develop marketing material for its technologist recruitment campaign, which included the development of a new YouTube video that also appeared in cinemas, and digital light boards at major domestic airports and in major metropolitan train stations in Sydney and Melbourne. Advertising for ASIS’s 2016 graduate program, titled ACTIVATE, began in February 2015, with ASIS representatives attending university career fairs and expos nationally. ASIS also continued its ‘IQ+EQ=ASIS’ recruitment campaign for intelligence officers during March and April 2015.
2.59
ONA updated the Committee on the number of new starters in the reporting period, noting that it continued to establish flexibility within its workforce through a range of employment options, including non-ongoing engagement provisions, temporary transfers, secondments and short term fee-for-service contractors. In light of the increased threat of a terrorist incident to law enforcement and intelligence officers, ONA also gained approval to cease publishing the names of successful candidates to ONA in the Australian Public Service Gazette.
2.60
ASD conducted 82 recruitment rounds in 2014–15. It received 84 new arrivals in 2014–15, an increase from 75 the previous year but still significantly lower than in previous years (175 in 2012–13; 226 in 2011–12). Ten per cent of new arrivals to ASD came from other DIAs, 19 per cent from broader Defence, and two per cent from the private sector. 39 new arrivals (46 per cent) were graduates, continuing a downsizing of ASD’s graduate program from 47 arrivals in 2013–14, 68 in 2013–14 and 89 in 2011–12.
2.61
The Committee discussed the graduate program with ASD’s Director at a private hearing. The Director related the reduced size of the program to the decreasing number of Australian students studying physics and mathematics at university combined with the high demand for those graduates from employers, particularly in the private sector. The Director outlined some of the action ASD is taking to improve its recruitment of skilled employees, including streamlined processes and innovative recruitment campaigns.
2.62
The Committee also discussed recruitment matters, including approaches being taken to attract employees with different skill sets and streamline recruitment processes, with the heads of DIO and AGO at the private hearing.
Separation rates
2.63
The average separation rate across the APS for 2014–15 was 7.5 per cent. Of these separations, 42.6 per cent were attributed to retrenchment (of which 5.4 per cent were involuntary), 34.8 per cent due to resignation, 17.4 per cent due to age retirement and 1.4 per cent due to termination.
2.64
ASIO reported a separation rate for 2014–15 of 4.81 per cent (including three voluntary redundancies), a decrease from 7.68 per cent in 2013–14. This consisted of 61 resignations, 21 age retirements and 37 ‘other’ separations. ASIO added at a private hearing that its higher separation rate in the previous year had been affected by the number of voluntary redundancies, with the underlying separation rate being similar to the rate for 2014–15 at between four and five per cent. ASIO noted that while such a low separation rate was good in the short term, it would not be desirable in the longer term as it could lead to problems associated with an ageing workforce.
2.65
Separation rates in other agencies varied. ASIS and ONA reported reductions in their separation rates, while the DIAs each reported increases in their separation rates for APS employees to levels above the Defence APS average of 7.6 per cent.
Training and development
2.66
All agencies reported on specific training and development activities undertaken during the reporting period, encompassing both corporate and operational activities.
ASIO
2.67
ASIO created a new training branch in July 2014 and increased resourcing for its training needs. In November 2014, the Director-General commissioned a review of ASIO’s training to ‘ensure that ASIO officers are well-positioned to serve the needs of the government and the nation’. ASIO advised that the results of this training review had informed its training over the final quarter of 2014–15, and would ‘continue to provide overarching direction into 2015–16’. ASIO further advised that there had been a greater focus on ‘enhancing existing partnerships with close national and international partners to deliver mutual training benefits and ensure best practices through benchmarking’.
2.68
ASIO reported that it had remodelled its Intelligence Development Program in 2014 to provide an ‘enhanced multifaceted program aimed at delivering “job ready” graduates’. It completed two rounds of the Intelligence Development Program in 2014–15, and delivered foundational intelligence training to more than 50 officers in either analytical or operational divisions.
2.69
ASIO has begun offering a one-year Technical Officer Graduate Program aimed at university graduates, including placements in a range of technical areas such a software development, technical development, telecommunications, computer forensics and technical operations. The first participants in this program were expected to graduate in February 2016, at which time the next program would commence.
2.70
ASIO also reported that it had given ‘significant focus’ to refining current and developing advanced and specialised development opportunities for practising intelligence professionals, including through a range of joint training initiatives with close foreign partners, both onshore and offshore.
2.71
In regard to corporate training, ASIO ‘refreshed and remodelled’ its new starter induction program in 2014–15. ASIO approved 3426 instances of face‑to‑face training (more than double the 2013–14 figure), attended by 1752 employees across 60 training courses.
2.72
ASIO continued to implement its Management and Leadership in Security Intelligence Strategy 2013–16, including a ‘shared-services approach to strengthening management and leadership capability across the [AIC]’. In addition to three established pathway programs, ASIO offered further development opportunities to graduates of the ‘Introduction to Management Program’ and the ‘Mastering Management Program’. ASIO reported that its continuous evaluation processes had identified clear evidence that the strategy’s programs had a positive effect on the organisation. Outside the reporting period, the success of the strategy was recognised through the Australian Human Resources Institute’s Rob Goffee Award for Leadership Development.
2.73
ASIO reviewed its e-learning capability in 2014–15, which resulted in the removal of obsolete modules and the republishing of in-house developed content. Twelve new e-learning modules were published, including seven for personal safety and security and four relating to record-keeping. There were 3320 instances of mandatory and 1362 instances of non-mandatory completions of e-learning during the year.
2.74
In 2014–15, around 10 per cent of ASIO staff received support to undertake study or language development. 119 officers participated in ASIO-supported study programs, at a cost of $301 764, including 89 courses across a range of disciplines.
ONA
2.75
ONA reported that it had delivered training on giving and receiving feedback to coincide with the launch of its updated performance development framework (see below). It also delivered training on recruitment and selection processes as part of its diversity project.
2.76
Other information provided by ONA on its training programs was given Dissemination Limiting Markers and could not be included in this report.
DIAs
2.77
All Defence APS and ADF staff members are required to undertake and maintain proficiency in four mandatory training courses: Work Health and Safety Awareness; Equity and Diversity Awareness; Fraud and Ethics Awareness; and Security Awareness. Defence APS staff are also required to undertake a Defence Enterprise Collective Agreement training course for either supervisors or employees. The DIAs each reported on the percentage of their staff attending the mandatory courses. Similarly to previous years, the figures indicated that a significant majority, but not all, staff in each agency had completed the mandatory training.
2.78
ASD noted that all new employees attend a ‘Day One Security Brief’ and an ‘Introduction to Defence Intelligence Security’ within their first four weeks. While DIA staff members were previously required to attend face-to-face ‘Security Refresher’ training each year, as of 30 June 2015, this face-to-face training was replaced by an e-learning course.
2.79
ASD advised that it had continued to invest in leadership and management development through the ‘Executive Leadership Development Program’ and ‘Middle Management Program’, both of which are conducted for employees within the Defence Intelligence and Security Group. Each program was conducted five times in 2014–15, with 23 ASD employees at the EL2 level attending the Executive program, and 61 ASD employees at APS6 and EL1 levels attending the Middle Management program. A further 53 ASD employees at APS6 and EL1 levels attended the ‘Stepping Stones’ program, which focuses on responses to rapid organisational change and was run on five occasions in 2014–15.
2.80
ASD further advised that a new Women’s Leadership Program had been created for female employees in the Defence Intelligence and Security Group. The program, which is targeted at APS5, APS6 and EL1 levels, is intended to support the ‘presence of women in leadership roles and aid them to step up into leadership positions’. In 2014–15, 102 ASD employees attended the program, which was run on nine occasions.
2.81
During 2014–15, ASD reviewed and redeveloped its compliance training suite to improve and maintain its relevance for all staff. The compliance program aims to ensure that all staff, including APS staff, contractors and internal and external ADF members, are aware of their legal and policy responsibilities. Compliance courses offered in 2014–15 included an online introductory course for new starters; a mandatory classroom based course promoting general compliance knowledge; tailored, practical, example-based training addressing specific aspects of compliance most relevant to mission areas; annual refresher training; and online training aids and information packages.
2.82
Further information provided by the DIAs on their training programs was classified or given Dissemination Limiting Markers and could not be included in this report.
Individual performance management
2.83
All agencies reported on their arrangements for managing the performance of their employees.
2.84
ASIO reported that none of its employees were required to participate in its formal underperformance management process in 2014–15 (down from four in 2013–14). ASIO completed three misconduct investigations in 2014–15 (down from nine in 2013–14), with specific breaches including:
contravened or failed to comply with a term or condition of employment, including the ASIO Values or Code of Conduct;
been inefficient or lacks diligence in the performance of his or her duties; and
engaged in dishonest or misleading behaviour.
2.85
ONA advised that it had updated its performance development framework in 2014–15, which all employees were expected to participate in. The framework requires employees to ‘meet regularly with their managers to discuss, set, document and review work priorities and development expectations’.
2.86
ONA noted several individuals and teams who had high performance formally acknowledged through AIC and Australia Day awards programs. ONA also advised that there were no breaches of the Code of Conduct or investigations in 2014–15.
2.87
ASD advised that the performance of its APS employees was formally assessed twice a year as part of the Defence Performance Feedback Assessment and Development Scheme process, which is linked to performance progression payments. ASD reported that approximately 94 per cent of APS employees had their performance progression approved in the reporting period. Of those denied progression, nine were due to failing to complete mandatory training. The remaining employees were ineligible for progression due to a range of reasons, including that they were on probation, were on leave, or were new starters, trainees or recently promoted. Five employees had their progression deferred due to ‘partially effective performance’. The other DIAs reported similar proportions of employees being denied progression.
2.88
ASIS provided details in its submission of its Performance Development Agreement framework and noted that it was developing a new performance framework to reflect the capabilities and behaviours expected from officers encompassed in the Australian Public Service Commission’s Integrated Leadership System, Work Level Standards and ASIS-specific capability requirements.
Workplace diversity
2.89
Agencies provided information on the diversity of their workforces. Where possible, this information has been included in the ‘staffing demographics’ section above.
2.90
As with previous years, gender diversity was given particular focus. In June 2014, 57.9 per cent of ongoing employees of the total APS were women. The proportion of women to men in the AIC, however, was significantly lower. Agencies reported on a range of initiatives to address gender inequality in the AIC.
2.91
As noted earlier, women comprised approximately 44 per cent of ASIO’s workforce. This figure was steady on last year’s result. The gender gap continued to be most pronounced at senior levels, consistent with patterns in the broader APS. There was some improvement at the most senior levels, however, with 16 out of 49 (or 33 per cent) of ASIO’s SES managers being women, up from 11 (25 per cent) in the previous year. Approximately 37 per cent of ASIO ‘Senior Officers’ (equivalent to Executive Level 1 and 2) were women, down slightly from the previous year, and 51 per cent of grade 1 to 6 ASIO officers were women, up slightly on the previous year. Only 16 out of ASIO’s 107 Information Technology Officers and Engineers were women (around 15 per cent).
2.92
ASIO reported that its Director-General was an active member of the Heads of Intelligence Agency Meeting (HIAM), which, noting that only 40 per cent of the AIC workforce was female, initiated an investigation in 2014 into the ‘causes and implications of the existing gender imbalance across the AIC’. Associated with this, ASIO participated in an AIC-wide gender equity survey and facilitated follow-up focus groups with both male and female staff members. HIAM also established a Gender Equity Steering Committee, including three members of ASIO’s management team.
2.93
At the time of its submission, ASIO was focused on developing a Gender Equity Strategy to consider gender issues specific to ASIO more closely. The strategy was intended to be finalised by early 2016, with implementation to commence during the year. It was expected to include the identification of key metrics to monitor progress, focusing on cultural change, strengthening capabilities and flexible working arrangements.
2.94
Approximately 41 per cent of ONA staff members were women, as noted earlier. ONA noted that it had led the AIC-wide project examining gender equity and diversity in 2014–15, resulting in a report titled Gender Equity in the AIC: Survey and Focus Groups.
2.95
ONA established a Diversity Working Group, chaired by the Director-General, and developed an interim Diversity Action Plan. ONA also reported that it:
wrote a Statement of Commitment to Diversity,
created a diversity page on its intranet,
conducted a gender-themed all-staff presentation,
developed and piloted a course to improve recruitment and selection processes and outcomes,
introduced a peer support program for new starters,
reviewed recruitment policies and candidate information kits to include more inclusive, meaningful language, and
routinely provided details in its all-staff newsletter on the gender mix of applicants for ONA vacancies.
2.96
Other agencies also provided statistics on their gender diversity. The total proportion of female staff members amongst the DIAs remained low compared to other AIC agencies and the broader APS. The proportion of women increased in one agency, decreased in another agency and remained steady in the third agency. ASD noted that it had five Equity Advisers based in Canberra and one at its external site in Geraldton, WA.
Language skills
2.97
ASIO reported that it spent $432 335 on language training in 2014–15 for 46 employees across 15 languages, following 54 language development business cases. ASIO noted that employees were encouraged to apply for its Language Skills Development Program, which is aimed at building language capability where relevant to an employee’s role.
2.98
ASD reported that 117 of its staff members received a Language Proficiency Allowance for between one and four languages to assist them to achieve and maintain their proficiency.
2.99
Further information in relation to language skills and the use of proficiency allowances cannot be published due to classifications or Dissemination Limiting Markers.
Staff feedback and complaints
2.100
ASIO advised that it had conducted a functional review of the role of the ASIO Ombudsman during 2014–15 to ‘ensure the role met business requirements, supported employment legislation and provided adequate staff and management support’. It added that a limited tender had been advertised in appointing the role ‘to ensure it remains a position of impartiality’.
2.101
ASIO described the role of the ASIO Ombudsman as follows:
The role of the ASIO Ombudsman will continue to include the provision of impartial and confidential services to staff and management. The position is a vehicle to address staff-related concerns through advice, consultation and mediation—and as a reporting mechanism to management on trends or themes to enable appropriate remedial action. The Ombudsman role has some capacity to undertake complex formal investigations.
2.102
The ASIO Ombudsman provided advice in relation to 35 general queries and ‘more substantial’ advice regarding performance, bullying and harassment on nine occasions. The Ombudsman undertook four formal investigations, including two into allegations of inappropriate conduct, one Public Interest Disclosure investigation, and one ‘process inquiry’ into the advertising of internal job vacancies. The Ombudsman also provided input into a range of presentations on the role and on the importance of the ASIO Values and Code of Conduct, and met regularly with ASIO’s senior management and representatives of the Staff Association.
2.103
ASIO reported that three disclosures had been made under the Public Interest Disclosure Act 2013 (the PID Act) in the reporting period and allocated to an investigating body. ASIO noted that the disclosure investigations ‘found no findings of maladministration, wastage of public money or abuse of public trust’, but that they ‘did produce recommendations aimed at improving organisational communication, effectiveness and overall accountability’.
2.104
ONA advised that it had received no formal complaints of inappropriate behaviour during the reporting period. It noted that the majority of its staff had participated in the Australian Public Service Commission’s APS Employee Census in June, providing them with an opportunity to ‘have a say about issues affecting their work environment’. ONA considered that its results ‘again compared favourably when benchmarked against the wider APS and a cohort of specialist APS agencies’.
2.105
All complaints of unacceptable behaviour involving Defence personnel or contract staff are required to be recorded in the ‘COMTRACK’ database by the complainant’s manager. Agency heads are provided with reports from COMTRACK to ‘allow them to monitor unacceptable behaviour within their agency’, while responsibility for resolving the complaint remains with the complainant’s manager or supervisor.
2.106
ASD had ten recorded complaints of unacceptable behaviour during
2014–15 (up from eight in 2013–14). ASD reported that three of these complaints were unsubstantiated, two were substantiated with an informal resolution, one substantiated with formal resolution and two cases remained open. One complaint was withdrawn and another was ‘unable to be resolved prior to the respondent leaving the Department’.
2.107
ASD reported that the IGIS had received one complaint during 2014–15 from an individual seeking employment with an ASD contractor who was not employed as a result of an Organisational Suitability Assessment having recommended against employing the complainant. ASD reported that, following investigation, the IGIS was satisfied that there was no evidence to suggest that ASD had acted inappropriately.
2.108
ASD also reported that:
one ‘Review of Action’ application had been received from an ASD employee, but it was subsequently withdrawn, and
no cases had been lodged with the Fair Work Commission in 2014–15, although one ongoing case from 2013–14 was finalised in 2014–15.
Complaints to the Inspector-General of Intelligence and Security
2.109
Under the Inspector-General of Intelligence and Security Act 1986, the IGIS may receive and inquire into complaints in respect of actions taken by intelligence agencies, including in relation to disclosures under the PID Act.
2.110
The IGIS received a total of 496 complaints in 2014–15, of which 23 were non-visa related. Of the non-visa related complaints, nineteen were about ASIO, three related to ASIS and one related to ASD. These complaints covered a range of matters, many of which were employment-related. In summary, complaints related to the execution of search warrants; the basis of, and processes associated with, individual security assessments; the removal of employee security clearances; claims of detriment caused by the actions of intelligence agencies; the impact of organisational suitability testing on private sector employment opportunities; the effectiveness of Information Technology security arrangements for online job applications; and delays in security checks for Aviation Security Identification Cards and Maritime Security Identification Cards.
2.111
Four disclosures were also made to the IGIS in 2014–15 under the PID Act:
A disclosure by a former employee of an intelligence agency relating to the legality and propriety of operational activities allegedly undertaken by an AIC agency in cooperation with a foreign intelligence agency. The IGIS found no evidence to substantiate the claim, but during the investigation identified ‘another matter, not raised in the original complaint, which was pursued separately with the agency’.
A disclosure by an individual who previously had a close working relationship with an intelligence agency concerning a contractual dispute and a number of broader concerns about agency conduct. The IGIS found that there were ‘serious gaps in the record keeping of the relevant agency which impeded the IGIS investigation and that in light of the seriousness of some of the concerns, better systems should have been in place to ensure these were detected and addressed earlier’.
A disclosure involving claims of workplace bullying and harassment allegedly left unaddressed by management. The matter was allocated to the relevant agency, with the investigation report provided to the IGIS at its conclusion.
A disclosure raising issues that had previously been the subject of thorough review. The new issues raised in the disclosure ‘were found not to meet the PID disclosure threshold’.
2.112
The IGIS noted that, in addition to the four disclosures made directly to the IGIS, she had been advised that four PID cases had been processed by the agencies during the reporting period.
2.113
The inspection and inquiry-related activities of the IGIS during the reporting period are summarised later in this chapter.
Accommodation
2.114
As noted in last year’s review, ASIO took possession of its new central office, the Ben Chifley Building in Parkes, ACT, on 7 August 2014. No further written evidence relating to ASIO’s accommodation was received as part of the 2014–15 review. However, at a private hearing ASIO reported that, following the move, the new building had been well received by staff.
2.115
ONA advised that its property expenses for 2014–15 totalled $5.45 million, equating to $1039 per square metre. The occupational density of its building—the Robert Marsden Hope Building in Barton, ACT—was 20.8 square metres per occupied workpoint, with a vacancy rate of 19.8 per cent. ONA noted that its 15 year lease of the building from the Industry Superannuation Property Trust had been committed to prior to the introduction of whole-of-government occupational density targets. It added that the Robert Mason Hope Building ‘continued to perform within the energy efficiency standard required by the Energy Efficiency in Government Operations policy’.
2.116
ASD reported that the Australian Cyber Security Centre (ACSC) was officially opened by the Prime Minister on 27 November 2014. The majority of ASD’s Cyber Security Branch, approximately 200 staff members, were relocated to the ACSC in the Ben Chifley Building in October 2014.
2.117
AGO noted that it had refurbished its critical fixed plant and equipment in 2014–15 to ‘ensure the operational readiness’ of its headquarters in building R4 of the Russell Offices complex in Canberra. These works included upgrading the building’s automated management systems, air conditioning and power supply systems. AGO also continued the refreshment of its SES office areas and its outdoor courtyard with the installation of a new Public Address system.
2.118
Additional classified evidence relating to accommodation was received from agencies as part of the Committee’s review. The Committee also discussed aspects of ASIS’s accommodation requirements at a private hearing.
Security matters
2.119
Security functions within the AIC agencies encompass physical, ICT, and personnel security.
2.120
The Committee’s review of security matters included security policies and procedures, security training, security breaches, e-security arrangements, and security clearances.
2.121
Much of the evidence on security matters was classified. However, the Committee notes that throughout 2014–15, safeguarding initiatives, and security enhancements and improvements, continued to be implemented across the AIC.
2.122
Agencies reported that they continued to apply robust and effective security arrangements and to maintain compliance with the Australian Government’s Protective Security Policy Framework.
2.123
Activities undertaken by agencies included:
physical and technical security audits,
upgrading facilities and systems to meet security standards,
reviews of internal security policies, procedures and risk management frameworks,
security briefings for other government agencies,
enhanced staff awareness and security training, and
inter-agency working groups on best practice and common standards.
Security policies
2.124
ASIO noted that its security policies and practices are compliant with the Australian Government’s Protection Security Policy Framework. In addition, ASIO develops and maintains policies and guidelines that are specific to the ASIO security environment.
2.125
Within ASIO, security governance is overseen by a Security Committee, comprised of senior executives and chaired by a Deputy Director-General, which makes recommendations to ASIO’s Executive Board.
2.126
Agencies continued to work on mitigating threats from trusted insiders throughout the reporting period.
2.127
ASIO reported that its approach to malicious insiders had focused upon four areas:
participation in the Attorney-General’s Department-led Personnel Security Strategic Reforms Taskforce,
development of a malicious insider threat product for dissemination across government and security vetting officers at all security levels.
targeted malicious insider threat briefings for key Australian Government agencies, and
development of targeted outreach activities to industry and government.
Security training
2.128
All ASIO employees must comply with mandatory training requirements and ASIO noted that it had ‘invested heavily in developing an overarching and comprehensive personal safety and security training continuum for the workforce’. This included a mandatory Personal Safety and Security Workshop for all staff, with advanced modules for some staff as required. Some staff from close partner agencies, including the ACSC, also participated in the workshop.
2.129
ASIO explained measures that had been implemented in response to current threat levels to augment its security training for staff, and changes to the physical security of the ASIO building.
2.130
Mandatory security training for all staff working in an area that ‘discusses, processes, stores or uses sensitive compartmented information’ is one of a number of mitigation strategies used by the DIAs to protect information of national security significance. Training is provided to ADF personnel, APS staff, contractors, foreign liaison staff, ‘integrees’ and other staff lodging within the DIAs.
Security breaches
2.131
Agencies reported to the Committee on the number and nature of security breaches reported during 2014–15, including any action taken as a result of the breach(es). Agencies also reported on internal and external risk mitigation strategies employed to protect information of national security significance.
2.132
While the Committee cannot report any details concerning security breaches, the Committee notes that none of the breaches resulted in a loss or compromise of national security classified material.
2.133
Agencies noted that increased staff awareness of protective security requirements had impacted on the number of security breaches reported.
2.134
ASIO stated that it was required to report annually on its security status, including security breaches, to the Secretaries’ Committee on National Security and the National Security Committee of Cabinet. Relevant senior managers in ASIO were notified of breaches within their branch or division to enable proactive management of each occurrence.
Security clearances
2.135
Personnel across the AIC are required to secure and maintain an appropriate security clearance to perform their roles.
2.136
As part of its review, the Committee sought evidence from agencies about current procedures, timelines, delays and any associated outsourcing arrangements.
2.137
Agencies reported on these matters in their submissions and in classified evidence to the Committee.
2.138
Of note during the reporting period in relation to security clearances were reforms to personnel security policy introduced by the Attorney-General’s Department in September 2014 and a report by the Australian National Audit Office (ANAO) into security vetting, which is discussed further below.
2.139
Timeframes to obtain a Positive Vetting clearance through the Australian Government Security Vetting Agency (AGSVA) increased during the reporting period. Agencies advised that the eligibility requirements for clearance holders were updated in the Protective Security Policy Framework in September 2014, which was likely to have contributed to increased vetting timeframes. ASD noted that the increased timeframe has had a resultant impact on other aspects of the vetting process, such as requests for waivers.
2.140
ASIO, which conducts its own security vetting, reported that pressure on its initial vetting and review processes had not abated since the previous reporting period. However,
ASIO’s initial vetting and vetting review resources were bolstered in the reporting period in response to existing pressures and to support additional recruitment associated with supporting the government’s response to the increased terrorism threat.
2.141
ASIO stated that it continues to be proactive in seeking ways to become more efficient in security vetting processes. This has included:
introducing critical testing earlier in recruitment processes,
leveraging existing information sources wherever possible,
reviewing the continued validity of processes, and
taking a more active approach to maintaining clearances.
2.142
Greater detail on these matters was provided in classified evidence to the Committee.
2.143
ASIS, which like ASIO undertakes its own security vetting, also noted pressures upon the vetting process. Similarly, ONA informed the Committee of its current vetting processes and initiatives to facilitate staff commencing work with the organisation without unreasonable delay.
2.144
In its performance audit on Central Administration of Security Vetting, the ANAO noted that the 2014 reforms to personnel security policy were intended to ‘clarify the responsibilities of government entities, direct resources to the areas of greatest risks and further strengthen the assessment of a person’s ongoing suitability to hold a security clearance’. As part of these reforms, the revised Personnel Security Protocol introduced new minimum personnel security checks.
2.145
The ANAO audit identified that AGSVA had responsibility for over 349 000 active Australian Government security clearances, including those of the DIAs. The ANAO noted that AGSVA had faced numerous difficulties since its establishment in 2010, and in 2013–14 met benchmark timeframes for 55 percent of security clearances. The audit found that the average processing time for Positive Vetting clearances had been rising steadily since 2010–11, and in 2013–14 exceeded the six month benchmark by around 40 per cent, resulting in an eight to nine month timeframe.
2.146
A second fundamental issue, identified by the ANAO in a ‘deep-dive risk assessment’ presented in March 2015, was that AGSVA was ‘not able to meet the revalidation requirements for existing security clearance holders’.
2.147
The ANAO’s view was that periodic review of security clearances is a key risk mitigation measure. Of relevance to the work being undertaken by the AIC agencies on security, the ANAO commented:
In March 2015, over 13 000 security clearances were overdue for revalidation—a process involving the assessment of individuals’ ongoing suitability to hold security clearances. The backlog is a consequence of AGSVA using available resources to prioritise the processing of initial clearances, so as to enable employees and contractors to start work in positions that require a security clearance. The significant backlog of revalidation work requires management attention at a time of heightened government concern about the threat posed by trusted insiders.
2.148
The Committee received a briefing from the ANAO on the audit findings. The Committee also discussed with the DIAs the impact of vetting timeframes on recruitment processes, measures being used to mitigate increased timeframes and options to increase AGSVA resources.
2.149
Some agencies noted their involvement in a whole-of-government project, led by the Attorney-General’s Department, which is trialling a continuous assessment model for security clearances. Agencies provided additional information to the Committee during the private hearings.
Oversight, accountability and performance assessment
2.150
There are a number of internal and external oversight and accountability mechanisms in place for each of the intelligence agencies to provide assurance to the Australian public of the legality and propriety of their activities. These mechanisms include:
Ministerial and Parliamentary accountability,
for ASIO, the Independent Reviewer of Adverse Security Assessments.
2.151
Agencies also regularly undertake, or are subject to, a formal assessment of their performance.
2.152
ONA noted that its overall performance is evaluated on an annual basis by the Department of Prime Minister and Cabinet (PM&C), which reports to Government on the outcomes of the evaluation and any suggestions for change. Matters addressed in the evaluation, drawing in part on a survey of ONA’s customers, are the timeliness and relevance of assessments, responsiveness to policy maker needs, and issues affecting performance, such as resourcing pressures.
2.153
In addition, ONA prepares a classified annual report for the Prime Minister each year and reviews its assessments through its Key Judgments Review on a biannual basis. DIO also undertook a number of Reviews of Key Judgements in the reporting period.
2.154
Several agencies considered progress against their strategic objectives. DIO undertook two internal reviews during 2014–15 to improve resource allocation and processing. Similarly, ASD undertook several internal reviews.
2.155
ONA also undertakes two broader evaluations. First, ONA undertakes annual performance evaluations of ASD’s, AGO’s and ASIS’s foreign intelligence collection activities, which, with the evaluations of ONA and ASIO by PM&C, are provided in an annual report to the National Security Committee of Cabinet. Secondly, ONA undertakes special-purpose evaluations of key foreign intelligence activities.
2.156
ONA also provides advice to government on the adequacy of Australia’s foreign intelligence resources.
2.157
The Committee obtained further information on the performance assessment of some agencies during the private hearings.
Inspector-General of Intelligence and Security
2.158
The IGIS is an independent statutory office holder with responsibility for reviewing the activities of the AIC agencies. The IGIS’s purpose is to ensure that
each intelligence agency acts legally and with propriety, complies with ministerial guidelines and directives, and acts consistently with human rights.
2.159
The IGIS can also, at the request of the Prime Minister, inquire into an intelligence or security matter relating to any Commonwealth agency.
2.160
During the reporting period, Dr Vivienne Thom held the position of IGIS. The Hon Margaret Stone was appointed IGIS for a five year term on 24 August 2015.
2.161
The Committee sought a submission from the IGIS on any issues of administration and expenditure arising during IGIS’s inspection and inquiry activities. The IGIS appeared at a private hearing, during which the Committee sought additional information on inquiries and other inspections conducted during the reporting period.
2.162
Agencies also informed the Committee about their interaction with the IGIS and her office throughout the reporting period.
Funding
2.163
The Committee notes that the Office of the IGIS has received additional funding and an exemption from the efficiency dividend. The IGIS’s budget increased from $2.2 million in 2014–15 to $3.05 million for 2015–16, allowing five additional staff to be recruited. In evidence, the IGIS informed the Committee about the impact this additional funding has had upon staffing and priorities in her office.
Major inquiries
2.164
In 2014–15, the IGIS completed a major inquiry into the management of weapons by ASIS in a specific location. The IGIS made 13 recommendations, all of which were agreed to by ASIS. Steps taken by ASIS to address areas of IGIS concern included:
establishing a compliance branch,
an extensive compliance outreach program,
widespread consultation with staff, and
a review of all ASIS policy and procedures, to be made centrally available on a new platform.
2.165
In addition, the IGIS noted that during the reporting period ASIS finalised implementation of the IGIS recommendations arising from the earlier 2013 inquiry into ASIS’s use of weapons. These recommendations included:
updated weapons related standard operating procedures for all stations where ASIS staff are or may be issued with weapons,
revised ASIS Guidelines for the use of weapons and self-defence techniques,
a review of operational environments to identify stations that require weapons and self-defence training, and
new safeguards and controls implemented in all stations where ASIS staff are or may be issued with weapons.
2.166
A second major inquiry, into certain actions of ASD, was close to finalisation at the end of the reporting period.
2.167
The IGIS continued to monitor implementation of the recommendations of the 2012–13 inquiry into ASIO’s analytic independence in the reporting period.
Agency inspections
2.168
Throughout 2014–15, the IGIS continued regular inspections of agency records to ensure that agency activities complied with relevant legislative and policy frameworks. The IGIS found that:
Overall the level of compliance in each of the intelligence agencies continued to be very high. While IGIS inspections and inquiries identified some issues and some others were self-reported by the agencies, these need to be understood in the context of the large and complex operational activities of the intelligence agencies.
2.169
The IGIS reported that in response to legislative changes, particular focus was given in 2014–15 to the inspection of new and amended powers. This included new inspections for:
ASIO warrants (identified person warrants),
Special Intelligence Operations (SIOs), and
passport suspensions and emergency visa cancellations.
2.170
The IGIS commented that she considered close scrutiny of identified person warrants to be appropriate given the Director-General of Security is now able to authorise the use of powers that previously required the Attorney-General’s approval.
2.171
Similarly, in relation to passport suspensions and emergency visa cancellations, the IGIS noted that:
As the thresholds for suspension or emergency cancellation are lower than for regular passport or visa cancellation, and merits review by the AAT is not available, the office has established an inspection program to review these cases and ensure ASIO’s actions and advice are appropriate based on the information available to it at the time.
2.172
The Committee discussed the use and review of these expanded powers with the IGIS during the private hearing. The IGIS commented that her Office’s reviews had found the new powers being used ‘effectively and responsibly’ by agencies.
2.173
Amendments to the ASIO Act by the National Security Legislation Amendment Act (No. 1) 2014 require the IGIS to be notified of the use of force during the execution of a warrant issued under the ASIO Act. Additionally, in its advisory report, the Committee had recommended that the IGIS provide close oversight of the design and execution of training for ASIO officers who may be required to use force. The IGIS reported that there had been close consultation between her office and ASIO, and that one notification had been received during the reporting period. The Committee obtained further information from the IGIS during the private hearing.
2.174
In relation to the IGIS’s inspections, the Committee asked representatives of the DIAs for additional information about matters raised in her submission. ASD advised that the number of matters reporting to the IGIS is very low and that breaches are ‘a very rare occurrence, given the number of ministerial authorisation subjects’. ASD explained to the Committee the nature of such breaches and how they might occur.
Independent Reviewer of Adverse Security Assessments
2.175
ASIO furnishes security assessments to Commonwealth agencies in accordance with the Australian Security Intelligence Act 1979. A security assessment may be adverse, qualified or non-prejudicial.
2.176
The role of the Independent Reviewer of Adverse Security Assessments (the Independent Reviewer) is to
[r]eview ASIO adverse security assessments (ASAs) given to the Department of Immigration and Border Protection in relation to people who remain in immigration detention and have been found to:
1. engage Australia’s protection obligations under international law, and
2. not be eligible for a permanent protection visa, or who have had their permanent protection visa cancelled.
2.177
During the reporting period, the Hon Margaret Stone held the position of Independent Reviewer.
2.178
The Independent Reviewer examines all material relied on by ASIO in making a security assessment, forms an opinion as to whether the assessment is an appropriate outcome, and makes recommendations to the Director-General of Security.
2.179
ASIO advised that the Independent Reviewer finalised 24 reviews during 2014–15 with the result that ‘46 of the 47 primary reviews within her cohort’ had been finalised at the end of the reporting period.
2.180
In relation to these 24 cases, the Independent Reviewer found:
in six cases, the adverse assessments to be appropriate.
in two cases where new assessments (one qualified and the other non‑prejudicial) were furnished by ASIO when her reviews were well advanced, the assessments to be appropriate.
in six cases, assessments to have been appropriate at the time they were furnished but no longer appropriate. After re-examining these cases, ASIO:
furnished five new qualified or non-prejudicial security assessments, and
in one case where the Independent Reviewer had recommended a non-prejudicial security assessment, furnished a qualified security assessment. In this case, the Independent Reviewer maintained her view that a non-prejudicial security assessment would be an appropriate outcome.
in two cases, flaws in ASIO’s assessment which meant she was unable to form a view as to the appropriateness of the adverse security assessment. In both cases ASIO furnished qualified security assessments, which the Independent Reviewer agreed were appropriate.
in three cases, the adverse assessment to be not appropriate. ASIO furnished non-prejudicial assessments after re-examining each case.
2.181
Additionally, in five cases, new qualified or non-prejudicial assessments were furnished by ASIO based on new information referred by the Independent Reviewer and ASIO’s own investigations.
Independent National Security Legislation Monitor
2.182
The Independent National Security Legislation Monitor (INSLM) is appointed under the Independent National Security Legislation Monitor Act 2010 on a part time basis for a three year term. The INSLM’s role is to
review the operation, effectiveness and implications of Australia’s counter-terrorism and national security legislation on an ongoing basis. This includes considering whether legislation contains appropriate safeguards for protecting the rights of individuals, remains proportionate to any threat of terrorism or threat to national security or both, and remains necessary.
2.183
The Hon Roger Gyles AO QC was appointed on an acting basis on 7 December 2014, pending appointment for two years on 20 August 2015.
2.184
ASIO reported in its submission on its contribution to the INSLM’s inquiry into the impact on journalists of section 35P of the Australian Security Intelligence Organisation Act 1979. The INSLM’s report was provided to the former Prime Minister on 21 October 2015 and tabled in Parliament on 2 February 2016.
Public relations
2.185
Where possible, agencies endeavour to engage with the public through their unclassified public websites and/or public statements and speeches made via their agency head.
2.186
ASIO noted that the Director-General provides attributable public statements through media responses, public speeches, appearances at parliamentary hearings and, occasionally, public seminars or conferences. During the reporting period, The Spy Catchers: The Official History of ASIO 1949–1963, volume 1 of the official history of ASIO, was published. Volume 2, which covers the period 1963 to 1975 was published in October 2015.
2.187
ONA makes a range of information available on its website, contributes to publications, and responds to Senate Orders and parliamentary questions.
2.188
ASD and, separately, the ACSC responded to media queries on a range of issues. For ASD this included cyber security incidents, recruitment and ASD’s support to the G20. ACSC addressed all media queries relating to its functions, as well as queries about cyber security incidents and the OnSecure website.
2.189
DIO noted that it had published its Defence Economic Trends in the Asia-Pacific in 2015 on the Defence website.
2.190
Throughout the year, senior executive officers of AGO gave presentations on geospatial intelligence (GEOINT) at conferences and other forums.
2.191
ASD participated in a number of public cyber security forums, workshops and presentations, and published articles relating to ICT security issues. This included a major update in April 2015 to the Australian Government Information Security Manual Controls Manual on Cloud Computing, as well as cyber security advice, published on OnSecure, ASD’s central online community for cyber security professionals within the Australian government and critical infrastructure agencies. ASD continued to promote cyber security awareness amongst Commonwealth, State and Territory government agencies through a range of activities.
2.192
ASD led the coordination and hosting of the inaugural ACSC Conference in 2015, describing the event as ‘an overwhelming success exceeding expectations by attracting over 800 delegates from Australia and internationally’.
2.193
Other activities undertaken by the ASCS included a YouTube video ‘Recognise. Report.’ aimed at educating Australians on cyber threats.
Requests for access to public records
2.194
Agencies continued to cooperate with requests for public access to agency records, balancing the right to access public records with the need to protect certain information from disclosure.
2.195
ASIO noted continuing challenges in meeting the 90 day legislative turnaround time for requests under the Archives Act 1983. Requests for access to ASIO records increased again in 2014–15, with 811 requests completed. ASIO advised that 10 individual applicants are responsible for 50 per cent of access requests.
2.196
Other agencies also responded to public access requests. DIO completed 78 of 87 referrals received during 2014–15, noting that a large proportion of the referred cases were multi-faceted priority cases. ASD received 31 requests, with three still being processed at the end of the year. AGO received no requests in the reporting period.
2.197
Agency participation in the National Archives of Australia Annual Cabinet Release continued.
Committee comment
2.198
The Committee has conducted a thorough review of the administration and expenditure of the six intelligence agencies for the 2014–15 financial year and is satisfied that agencies are overseeing their administrative functions effectively.
2.199
Agencies gained new or expanded powers during the reporting period through amendments to national security legislation, all of which were reviewed by this Committee.
2.200
The Committee was interested in the implementation of these changes and the development of necessary oversight arrangements. It also discussed whether there was a need for further legislative amendment with some agencies, and notes the call from one agency for a comprehensive review of the Intelligence Services Act 2001.
2.201
The Committee notes that the Government has initiated a periodic review of the intelligence community. The Committee considers that this review provides a timely opportunity to consider whether the Intelligence Services Act 2001 should be modernised to take into account changes to the operational environment of the intelligence agencies over the past 15 years.
2.202
As in previous years, agency priorities continued to adapt to the operational environment in 2014–15. Structural changes occurred in several organisations either during or after the reporting period, influenced by the allocation of additional funding.
2.203
While unable to include specific details in this report, the Committee notes that workforce management was a strategic objective across the intelligence agencies in this reporting period. Agencies continued to implement strategies to recruit and retain staff in a very competitive market, and to finalise security clearances as efficiently as possible.
2.204
Emphasis was also placed upon training, including security training, in this period.
2.205
The Committee acknowledges the efforts that are being made across the AIC agencies in relation to the timeliness of security vetting. The Committee accepts too that greater scrutiny is being applied to vetting arrangements. However, the Committee notes with some concern the findings of the ANAO audit in this area. This is a matter the Committee will continue to monitor in future reviews, particularly noting the impact on recruitment and the future capacity of the agencies.
2.206
In relation to oversight, the Committee welcomes the additional funding provided to the Office of the IGIS during 2014–15 in recognition of its increased oversight responsibilities and the Office’s exemption, with ONA, from the efficiency dividend. As the Parliament grants additional powers to the intelligence agencies in response to the changing security environment, it is essential that oversight be correspondingly strengthened. This includes ensuring that the Office of the IGIS is resourced at a level that allows it to appropriately execute its responsibilities.
2.207
Further comment about the efficiency dividend, and its impact on the intelligence agencies, is included in Chapter 3.
2.208
Overall, the Committee has not identified any areas of concern and considers that the administration of the six intelligence agencies is conducted appropriately.