asio corporate plan corporate plan 2020 … · our commitment to protecting our people,...

ASIO Corporate Plan2020–24

© Commonwealth of Australia 2020

All material presented in this publication is provided under a Creative Commons BY Attribution 3.0 Australia licence (http://creativecommons.org/licenses/by/3.0/au/deed.en).

The details of the relevant licence conditions are available on the Creative Commons website (accessible using the link provided) as is the full legal code for the Creative Commons BY Attribution 3.0 Australia licence (http://creativecommons.org/licenses/by/3.0/legalcode).

Use of the Coat of Arms

The Commonwealth Coat of Arms is used in accordance with the April 2014 Commonwealth Coat of Arms: Information and Guidelines, published by the Department of the Prime Minister and Cabinet and available online (http://www.itsanhonour.gov.au/coat-arms/index.cfm).

Contact us

Phone

General inquiries 02 6249 6299 or 1800 020 648

Business inquiries 02 6234 1668

Media inquiries 02 6249 8381

Email

[email protected]

Post

GPO Box 2176, Canberra ACT 2601

ASIO Corporate Plan 2020–24 1|

Director-General’s introduction

I am pleased to present the Australian Security Intelligence Organisation’s (ASIO) Corporate Plan 2020–24, as required under section 35(1)(b) of the Public Governance, Performance and Accountability Act 2013.

ASIO protects Australia and Australians from threats to their security. Our corporate plan lays out the framework for fulfilling this purpose and measuring our performance in financial years 2020–21 to 2023–24.

Australia’s security environment is complex, challenging and evolving.

Attempts at espionage and foreign interference are unprecedented in terms of scale, breadth and ambition. There are more foreign spies and their proxies operating in Australia now than at the height of the Cold War. Many of them have the intent, capability and persistence to cause significant harm to our national security.

All nations seek to influence other nations. When this happens in an open and transparent manner, it is not of concern. When it is conducted covertly or deceptively, however, it can be insidious, corrupting and malign. Foreign governments—and I emphasise the plural—are seeking to subvert our sovereignty and damage our national interests by interfering in our political system and the activities of Australia-based diaspora communities.

At the same time, the threat of terrorism remains unacceptably high. We know:

� Multiple terrorism offenders are scheduled for release from Australian prisons over the next five years.

� Around 80 Australians who travelled to Syria and Iraq to support extremist groups are still in the region, and some will bring their extremist ideology back to Australia.

� While Sunni Islamic extremism remains our principal concern, Neo-Nazi and other extreme right-wing groups are more organised, sophisticated and ideologically driven than before.

� Individuals in Australia continue to be radicalised, and the online dissemination of radicalising messages is reaching ever-younger targets.

Spies, terrorists and extremists are all seeking to take advantage of the COVID-19 crisis; whether by trying to exploit social and economic dislocation, or by increasing their attempts at espionage and foreign interference. In particular:

� Extremist ideology is spreading more quickly and widely as Australians spend more time online engaging with like-minded individuals.

� Spies and cyber criminals are stepping up their attempts to steal secrets, identities and financial resources as more Australians work from home using less secure networks.

ASIO counters these threats through the dedication of our staff—ordinary people who do extraordinary things—and our strong partnerships with law enforcement and national security agencies, governments, industry, academia and our international counterparts.

I am determined to ensure that ASIO continues to meet the expectations of the Australian people, the government, our stakeholders and our partners. Our corporate plan is an important instrument in this context: an embodiment of our commitment to accountability and transparency, and a strategy directing ASIO’s activities and resources so we may achieve our purpose. As Director-General, I seek to be as open as I can about ASIO’s work while safeguarding what needs to be protected.

While the security challenges facing our country are significant, ASIO remains determined to secure Australia and its people.

Mike Burgess Director-General of Security

ASIO Corporate Plan 2020–242 |

ASIO’s purpose

ASIO protects Australia and Australians from threats to their security.

Mike BurgessDirector-General of Security

Heather CookDeputy Director-General

Intelligence Service Delivery Group

Hazel BennettDeputy Director-General

Enterprise Service Delivery Group

ASIO

STR

ATEG

IC P

LAN

202

0–24

COUN

TER-

TERR

ORI

SM

Prot

ectin

g Au

stra

lians

from

po

litic

ally

mot

ivat

ed a

nd

com

mun

al v

iole

nce

COU

NTE

R–ES

PIO

NAG

E AN

D FO

REIG

N IN

TERF

EREN

CEPr

otec

ting

Aust

ralia

from

es

pion

age

and

fore

ign

inte

rfere

nce

BORD

ER S

ECU

RITY

Supp

ortin

g w

hole

-of-g

over

nmen

t e

orts

to p

rote

ct A

ustra

lia’s

bord

er

inte

grity

, inc

ludi

ng fr

om

peop

le sm

uggl

ing

REFO

RM P

ROGR

AM

Acce

lera

ting

our m

issi

on d

eliv

ery

GOVE

RNAN

CE A

ND

ACCO

UN

TABI

LITY

Com

mitm

ent t

o co

ntin

ual

impr

ovem

ent o

f ent

erpr

ise

man

agem

ent a

nd

gove

rnan

ce p

ract

ices

ASIO

pro

tect

s Aus

tralia

and

Aus

tralia

ns fr

om

thre

ats t

o th

eir s

ecur

ity

KE

Y P

RIO

RIT

IES

PU

RP

OS

E

EN

AB

LE

RS

VA

LUE

S

ET

HIC

AL

Embo

dy In

tegr

ity |

Bui

ld T

rust

EM

PO

WE

RIN

GEn

able

| I

nclu

de |

Col

labo

rate

EX

CE

LL

ING

Deliv

er V

alue

| D

rive

Acco

unta

bilit

y |

Ent

erpr

ise

Min

ded

CO

NT

EX

T A

ND

EX

TE

RN

AL

DR

IVE

RS

Geop

oliti

cal

and

othe

r gl

obal

shi�

sTe

chno

logi

cal

chan

geCo

mm

unity

ex

pect

atio

nsRe

sour

cing

La

bour

mar

ket

cons

trai

nts

Part

ners

hips

PEO

PLE

AND

CULT

URE

ASIO

’s pe

ople

wor

k to

geth

er

to le

vera

ge o

ur d

iver

se sk

ills

and

expe

rienc

e to

pro

tect

Au

stra

lia. W

e at

tract

, eng

age

and

reta

in th

e rig

ht p

eopl

e an

d le

ad th

em to

thei

r ful

l po

tent

ial.

SECU

RITY

ASIO

’s co

mm

itmen

t to

prot

ectin

g ou

r peo

ple,

so

urce

s and

cap

abili

ties,

ou

r equ

ities

and

thos

e of

our

pa

rtne

rs, a

nd th

e se

nsiti

ve

info

rmat

ion

we

hold

en

gend

ers t

rust

and

del

iver

s e

ectiv

e se

curit

y ou

tcom

es.

LEAD

ERSH

IP A

ND

INFL

UEN

CEAS

IO’s

succ

ess i

s un

derp

inne

d by

sta

who

ar

e m

issi

on fo

cuse

d,

oper

ate

as ‘O

ne A

SIO

’ an

d co

mm

unic

ate

as

a si

ngle

voi

ce.

RISK

AN

DGO

VERN

ANCE

ASIO

eng

ages

with

risk

in

all a

spec

ts o

f our

bus

ines

s.

Our

gov

erna

nce

fram

ewor

ks

enab

le fu

lly in

form

ed a

nd b

old

deci

sion

s whi

ch b

est p

ositi

on

us to

ach

ieve

our

mis

sion

.

TECH

NO

LOGY

AND

DATA

We

are

wor

king

to d

eliv

er

our i

ntel

ligen

ce m

issi

on w

ith

grea

tly in

crea

sed

spee

d an

d ac

cura

cy. W

e w

ill ra

pidl

y na

viga

te te

chno

logi

cal

adva

ncem

ent a

nd g

rasp

op

port

uniti

es to

inno

vate

. AS

IO d

eliv

ers v

alue

to

cust

omer

s and

par

tner

s by

mak

ing

sens

e of

com

plex

da

ta a

nd in

form

atio

n.

PART

NER

SHIP

S

ASIO

bui

lds e

ndur

ing

and

valu

ed st

rate

gic

part

ners

hips

to

incr

ease

the

reac

h an

d im

pact

of o

ur in

telli

genc

e e

orts

. Co

oper

atio

n is

bas

ed

on re

spec

t as w

e w

ork

toge

ther

w

ith o

ur p

artn

ers t

owar

ds

com

mon

obj

ectiv

es.

EV

OLV

ING

Adap

t |

Inno

vate

| E

ngag

e Ri

sk |

Cou

rage

ous


ASIO’s context and external driversASIO continues to operate in an environment characterised by uncertainty, and Australia remains impacted by serious security threats. While elements of these threats are constant, global developments—such as the COVID-19 pandemic, increasing political polarisation and major power dynamics—continue to shift their reach and effect on Australians.

The character of terrorism will evolve and take on a more dispersed and diverse face, creating new security challenges. Ideologues promoting violence to further their goals seek to do Australia harm.

The level of threat to Australia and its interests from foreign espionage and interference activities continues in its unprecedented breadth, scale and ambition. Foreign actors seek information about Australia’s capabilities, research and technology, and domestic and foreign policy. They will target all levels of government and industry, and continue attempts to influence Australian communities, media representatives and government officials.

At the same time, a range of threats continue to challenge Australia’s border integrity. ASIO will continue to work with our partners to ensure security risks to Australia’s border integrity are identified and mitigated.

ASIO’s challenge is to adapt to these shifts in our operating environment so we continue to secure Australia. ASIO will innovate and accelerate delivery of our mission through digitisation; our commitment to accountability, governance and business acumen; and our work with trusted partners to leverage and achieve national security outcomes.

We operate in a data-rich world. In response to the high volume and velocity of data and information, we will continue to evolve our analytic capabilities—deploying digital technologies, automation and artificial intelligence to strengthen human decision-making. Leveraging these capabilities will allow us to operate at the speed and scale necessary to detect and respond to threats as they emerge.

Recruiting the right talent will be challenged by sharp competition for in-demand skills. Identifying, recruiting and retaining critical specialised skill sets in a market contested by both government and industry will require flexibility in our workforce model. To meet this challenge, we will design our work, and our workforce, to continually adapt to meet our evolving mission priorities.

ASIO works as part of a team. Many of the challenges we face are shared, and we will develop solutions by working with our partners in the Home Affairs portfolio, the Office of National Intelligence and the National Intelligence Community, Australia’s law enforcement agencies, and our international counterparts. As Australia’s security service, we rely particularly on the continued trust of the Australian people to do our work. Our commitment to strong, independent oversight is unwavering, as is our desire to be transparent about ASIO’s activities where we can.


Key priorities and performance objectivesASIO will advance its purpose for the period 2020–24 through a series of key priorities. Our performance against these priorities will be measured through a combination of quantitative and qualitative methods, including defined targets, case studies, external surveys and stakeholder feedback, and identified milestones.

Counter-terrorismASIO protects Australians from politically motivated and communal violence. We do this by collecting intelligence here and overseas; analysing and investigating terrorism threats; and providing advice to, and working with, partners to strengthen public safety and intervening to disrupt attacks.

Counter–espionage and foreign interferenceASIO protects Australia from efforts by hostile foreign intelligence services to undermine Australia’s democratic systems and institutions. We do this by collecting intelligence to detect and deter espionage and foreign interference activities targeting Australian interests here and overseas, investigating threats and advising government and industry partners as we work with them to foster institutional and community resilience.

Border security ASIO supports whole-of-government efforts to protect Australia’s border integrity through intelligence collection and investigations into people smuggling activities. We provide unique analysis of, and security advice on, complex visa applications and other movements of goods and people, to advance the efforts of our partners in maintaining Australia’s economic and national security interests.

Reform programASIO is committed to accelerating the delivery of our mission through improvements to our technology. ASIO’s reform program will modernise our data analytics and increase the speed and scale of our discovery and investigative work; and deliver reforms across the Organisation to improve effectiveness in our decision-making, resolve threats quickly and drive down risk.

Governance and accountabilityHigh levels of public trust are critical to ASIO’s operations and the effective and efficient delivery of our purpose. ASIO achieves this through strict compliance with the law, stringent application of policies and procedures, and our active cooperation with external oversight. ASIO is committed to the continual improvement of our enterprise management and governance practices to assure Australians that we pursue our work with integrity and accountability.


Performance measuresImpact definitions*—the definitions to be shared with key stakeholders when determining what level of impact our advice (operational and/or policy) has had on their decision-making.

LOW MEDIUM HIGH

Our advice provided little or no context, and did not influence your decision-making.

Our advice provided context; was relevant and practical; and, influenced your decision-making.

Our advice was timely and relevant; practical, focused and provided or enabled exercisable options; and directly informed and shaped your decision-making.

Advice—for the purposes of this performance framework, ‘advice’ encompasses all forms of communication to the Australian Government, government agencies, and industry and community sector stakeholders that conveys ASIO’s expertise, intelligence, assessments, priorities and recommendations on security matters.

* Impact definitions relate to counter-terrorism, counter–espionage and foreign interference and border security measures.

Counter-terrorism1. Impact of policy development advice

Measure: The percentage of key stakeholders who confirm our counter-terrorism advice had a HIGH impact on their decision-making in relation to policy development and responses to terrorism.

Targets: (% and impact level)

2020–21 2021–22 2022–23 2023–24

80%; HIGH 80%; HIGH 80%; HIGH 80%; HIGH

Rationale: ASIO’s advice to partners within government, the national security community, industry and community sectors provides the knowledge and understanding that enables them to respond appropriately to security threats.

Methodology: Annual survey of key stakeholders who each meet the following criteria:

� drawn from Commonwealth agencies;

� ongoing, frequent recipient of ASIO counter-terrorism advice; and

� engaged in developing policy responses to terrorism.

2. Impact of operational activities advice

Measure: The percentage of key stakeholders who confirm our counter-terrorism advice had a HIGH impact on their decision-making in informing counter-terrorism operational activities, managing security risks and disrupting activities that threatened Australia’s security.


2020–21 2021–22 2022–23 2023–24

80%; HIGH 80%; HIGH 80%; HIGH 80%; HIGH



� drawn from Commonwealth and state levels, as well as stakeholders in private enterprise;

� ongoing, frequent recipient of ASIO counter-terrorism advice; and

� engaged in counter-terrorism operational activities, managing security risks, and/or disrupting terrorism activities that threaten Australia’s security.


Counter–espionage and foreign interference 3. Impact of policy development advice

Measure: The percentage of key stakeholders who confirm our counter–espionage and foreign interference advice had a MEDIUM impact on their decision-making in relation to espionage and foreign interference–related policy development and responses to this threat.


2020–21 2021–22 2022–23 2023–24

70%; MEDIUM 80%; MEDIUM 70%; HIGH 80%; HIGH



� drawn from Commonwealth agencies and departments;

� ongoing, frequent recipient of ASIO counter–espionage and interference advice; and

� engaged in developing policy responses to the counter–espionage and interference threat.


Measure: The percentage of key stakeholders who confirm our counter–espionage and foreign interference advice had a MEDIUM impact on their decision-making in informing counter–espionage and foreign interference operational activities, managing security risks and disrupting activities that threatened Australia’s security.


2020–21 2021–22 2022–23 2023–24

70%; MEDIUM 80%; MEDIUM 70%; HIGH 80%; HIGH



� drawn from Commonwealth and state levels, as well as stakeholders in private enterprise;

� ongoing, frequent recipient of ASIO counter–espionage and interference advice; and

� engaged in counter–espionage and interference operational activities, managing security risks, and/or disrupting counter–espionage and interference activities that threaten Australia’s security.


Border security5. Impact of policy development advice

Measure: The percentage of key stakeholders who confirm our advice on countering serious threats to Australia’s border integrity, security-sensitive areas or substances had a MEDIUM impact on their decision-making in relation to policy development and responses to serious threats to Australia’s border integrity, security-sensitive areas or substances.


2020–21 2021–22 2022–23 2023–24

70%; MEDIUM 70%; MEDIUM 80%; MEDIUM 90%; MEDIUM




� ongoing, frequent recipient of ASIO advice relating to border integrity, or security-sensitive areas or substances; and

� engaged in developing policy responses to serious threats to Australia’s border integrity, or security-sensitive areas or substances.


Measure: The percentage of key stakeholders who confirm our advice on countering serious threats to Australia’s border integrity, security-sensitive areas or substances had a MEDIUM impact on their decision-making in relation to actions and activities to disrupt and defend against serious threats to Australia’s border integrity, security-sensitive areas or substances.


2020–21 2021–22 2022–23 2023–24

70%; MEDIUM 70%; HIGH 80%; HIGH 90%; HIGH




� ongoing, frequent recipient of ASIO advice relating to border integrity, or security-sensitive areas or substances; and

� engaged in actions and activities that seek to disrupt and defend against serious threats to Australia’s border integrity, or security-sensitive areas or substances.


ASIO reform program 7. IT Service Management maturity performance measure

Measure: Benchmarking ASIO’s maturity for IT service management against an industry standard. Once benchmarked, develop a plan to increase ASIO’s maturity for IT service management to the desired level, within the set timeframe.

Targets: 2020–21 2021–22 2022–23 2023–24

Establish baseline To be determined on development of plan to increase maturity of IT service management. To be included in Corporate Plan 2021.

To be determined on development of plan to increase maturity of IT service management. To be included in Corporate Plan 2021.

To be determined on development of plan to increase maturity of IT service management. To be included in Corporate Plan 2021.

Rationale: Through benchmarking our IT service management maturity, and developing a plan to increase that level where necessary, ASIO will be better positioned to extract value from our investments in technology in support of our mission.

Methodology: During financial year 2020–21, an assessment of ASIO’s maturity for IT service management—against an industry standard—will be undertaken. Once this level of maturity has been determined a plan will be developed to increase this maturity level to a desired point within an established timeframe.

8. Staff satisfaction with workflow improvements

Measure: The percentage of employees who agree (using a seven-point scale):

1. The workflow improvements have led to either (a) a reduction in the manual work previously required of them or (b) the streamlining of duplicative processes.

2. The tool support, developed as part of the workflow improvements, has made it easier for them to resolve issues themselves.

3. Bringing the workflow on-system has provided consistency and visibility to the work done.

Targets: (Percentage and level)

These targets will apply to the areas of the Organisation whose workflow has been updated, rather than the whole of the Organisation

2020–21 2021–22 2022–23 2023–24

50% of staff in affected area ‘Somewhat agree’ or higher for all three categories

50% of staff in affected area ‘Agree’ or higher for all three categories

75% of staff in affected area ‘Agree’ or higher for all three categories

60% of staff in affected area ‘Strongly agree’ for all three categories

Rationale: ‘Easy-win’ workflow improvements will allow our staff to focus their time and effort on mission delivery. Understanding whether our efforts towards optimising mission delivery using streamlined and automated workflows have been successful in the eyes of the key stakeholder—our employees— will assist us in discovering outstanding requirements and determining next steps.

Methodology: Voluntary survey of all staff in the area impacted by the workflow changes. Surveys will be conducted within one month of the release of a new workflow, and then subsequently within six months of a release of workflow.


Governance and accountability9. Compliance framework maturity

Measure: The maturity of ASIO’s compliance framework across the Organisation’s obligations including, but not limited to, inquiries and investigations, safety and security, and finances.

Targets: 2020–21 2021–22 2022–23 2023–24

Establish baseline To be determined on development of plan for improvement. To be included in Corporate Plan 2021.

To be determined on development of plan for improvement. To be included in Corporate Plan 2021.

To be determined on development of plan for improvement. To be included in Corporate Plan 2021.

Rationale: ASIO is committed to the highest standard of ethics and compliance with all applicable laws, regulations, rules and policies. ASIO’s commitment is demonstrated through maturing our compliance framework.

Methodology: Perform a compliance maturity assessment across the Organisation, with ASIO’s maturity level to be measured against identified industry standards (to be determined once the activity commences). Once determined, a plan for improvement and/or maintenance of ASIO’s compliance maturity will be developed, which will include revised measures and targets.

.


EnablersPeople and cultureASIO’s people work together to leverage their diverse skills and experience to protect Australia. We attract, engage and retain the right people, and support the development of their full potential. To deliver trusted intelligence to secure Australia, we are investing in our people to meet future workforce needs; ensuring capacity to meet current and future threats; maximising the benefits of our technology investments; and managing workforce affordability.

SecurityOur commitment to protecting our people, information, operations, capabilities and partner equities engenders trust and is critical in the delivery of our mission. The challenges to physical, information and personnel security in ASIO’s operating environment are complex. We will continue to develop adaptive and contemporary security practices to meet these challenges.

Leadership and influenceASIO’s success depends on staff who are mission focused and operate as ‘One ASIO’. In an environment characterised by ambiguity, our people must lead change with confidence at all levels. To do this, we are equipping our people to better develop strategy, translate mission into action, engage with risk, and manage staff and costs to deliver security outcomes. Our unique expertise and insights position us to work with Australian communities to foster security resilience, and our knowledge and capabilities inform whole-of-government policy settings.

Risk and governanceASIO engages with risk in all aspects of our business. Our governance frameworks enable fully informed and bold decisions which best position us to achieve our mission. We will continue to improve our robust risk and governance frameworks which empower deliberate, lawful and accountable actions and advice.

Technology and dataASIO is evolving its approach to technology in response to rapid change and growth in the volume and variety of data involved in ASIO’s activities. Our use of automation is critical to our ability to respond to threats, but it will not replace human decision-making. Accountability—which has always been central to ASIO’s work—will continue to be as important in the digital age. Improvements in our technology state and use of data will enable us to detect and respond to emerging threats at speed and to advise our partners with confidence.

PartnershipsASIO builds enduring and valued strategic partnerships to increase the reach and impact of our intelligence efforts. Cooperation is based on respect as we work together with our partners towards common objectives. We share our unique expertise to train and empower our partners where we can, jointly develop technical collection and communications platforms, enhance interoperability, and deliver improved national security outcomes.


Risk management and oversightThe Director-General is responsible for ensuring ASIO maintains an appropriate system of oversight and management to enable its productive engagement with risk to deliver security outcomes. Our enterprise risk management framework ensures we engage with risk in all aspects of our business, and apply a sophisticated understanding of risk management practices to identify, measure and respond to risks and opportunities.

Risk, and risk management, is a necessary part of ASIO’s business. Every person in ASIO must understand and engage with risk each day. The Executive Committee is ASIO’s peak governing body, advising the Director-General on matters requiring executive decision-making. The Executive Committee’s purpose is to provide oversight of all ASIO activities, including the effective management of ASIO’s risks. The Executive Committee sets and reviews the Organisation’s risk appetite and tolerance, determines whether ASIO’s overall level of risk is acceptable, and considers whether risk management structures, systems and processes remain effective.

The Executive Committee is supported in its consideration of ASIO’s risk by:

� a Security and Compliance Committee, chaired by Deputy Director-General Intelligence Service Delivery; and

� a Capability and Investment Committee, chaired by Deputy Director-General Enterprise Service Delivery.

The Audit and Risk Committee provides independent assurance and advice to the Director-General, including on ASIO’s enterprise risk management framework and internal controls for effective identification and management of risks.

Security and Compliance Committee

chaired by:Deputy Director-General

Intelligence Service Delivery

Capability andInvestment Committee

chaired by:Deputy Director-General

Enterprise Service Delivery

EXECUTIVE COMMITTEE

Audit and Risk Committee

chaired by the Director-General of Security

chaired by an independent external member


Key risksBecause of ASIO’s unique context and critical role in protecting Australia’s security, it manages a range of significant and complex risks:

MissionRisks to the delivery of our missions—counter-terrorism; counter–espionage and foreign interference; and border security.

FinancialRisks to money, assets and resources, including our financial sustainability and delivery of value for money.

CapabilityRisks to the development and maintenance of ASIO’s unique capabilities, including technologies, data, facilities, partnerships, people and operational capabilities.

Health and safetyRisks to the health, safety and wellbeing of our staff, partners, affiliates and the public.

SecurityRisks to the preservation of ASIO’s capabilities, information and activities from disclosure.

Legal and proprietyRisks to compliance with laws, regulations, direction from government, international obligations, internal procedures or standards of propriety.

ReputationRisks to the level of trust in ASIO and our influence with government, partners and the public.

asio.gov.au

asio corporate plan corporate plan 2020 … · our commitment to protecting our people,...

Documents