The growth of our digital wholesale services increases productivity and community connectivity across the digital economy. This connectivity presents a range of service opportunities, business risks and security implications for the organisation and the Australian community.

The Digital service provider (DSP) Operational Framework is part of our response to these risks and establishes how we will provide access to and monitor the digital transfer of data through software.

Through consultation with DSPs, industry associations and across Government a position was established on each of the five issues of the DSP Operational Framework. From these positions we have developed the Requirements for DSPs to use our digital services and have updated the Operational Framework Questionnaire, this is now known as the Digital Service Provider Operational Framework Security Questionnaire (DOCX, 895KB). The Questionnaire is used by DSPs to demonstrate how their product or service meets the requirements.

All DSPs wanting to use our digital services will need to meet the relevant requirements which can include, but is not limited to:

• Authentication
• Encryption
• Supply chain visibility
• Certification
• Data hosting
• Personnel security
• Encryption key management
• Security monitoring practices.

A transition period has been established for DSPs who are already using our digital services to allow them time to meet the requirements. After consulting through the DSP Operational Framework working group, timeframes for meeting the DSP requirements have been finalised.

The Digital Partnership Office (DPO) can provide support in meeting the requirements.

For further information and to provide feedback contact the DPO via Online services for DSPs or by emailing DPO@ato.gov.au.

 See also:

• Using our digital services
• Requirements for DSPs

Consultation

Consultation on the DSP Operational Framework has now concluded. Consultation enabled us to collaborate with you in developing the elements of the DSP Operational Framework.

The DSP Operational Framework working group contributed to developing and finalising the DSP Operational Framework implementation approach.

The DSP Operational Framework focus groups assisting in establishing a position on each of the five issues identified during the DSP Operational Framework interim assessment. You can access details on each below:

• Multi-factor authentication focus group
• Certification and assessment focus group
• Onshore-offshore data hosting focus group
• Supply chain and encryption focus group
• Operational Framework working group

You can also access an overview of the positions established by the focus groups.

• Focus group positions (DOCX, 268KB)