All roles with access to sensitive information or systems are risk assessed. Staff and
contractors are vetted to the appropriate level to manage these risks.
Contractors working for Government departments are subject to the same security
standards and training as civil servants depending on their access to government systems
and information. Basic cyber security awareness is an essential protection against attacks
such as email phishing and departments are already providing training for their staff and
contractors on this.