DSP Operational Security Framework

The Digital Service Provider (DSP) Operational Security Framework (OSF) seeks to protect taxation, accounting, payroll, business registry and superannuation related data and the integrity of the Taxation, Business Registry and Superannuation systems that support the Australian community.

This is achieved by setting out a minimum level of security requirements a DSP needs to meet to access ATO digital services that perform a functional role in the supply chain.

The DSP OSF has been established to respond to business risks and security threats presented by the continual expansion and growth of digital services across the ecosystem and will continue to evolve to respond to new and emerging risks.

The DSP OSF is a response to known examples of:

  • information misuse (including identity theft, personal gain, or commercial advantage)
  • financial system misuse (including tax refund fraud)
  • destructive cyber behaviour (including individual or system hacks).

If you want to use our API’s or digital services you will need to complete and submit a DSP OSF Security Questionnaire (DOCX, 768KB).

Should you need help completing the questionnaire, or if you have questions about the requirements, you can contact the Digital Partnership Office (DPO) via Online services for DSPs.

Find out more

See also

Last modified date