A secure sovereign partner
Security is embedded throughout the organisation. We continually improve on our baseline and uplift our security capabilities to be a secure sovereign partner. Our security program is wide reaching, covering product, protective, information, supply chain security and trusted insider mitigation.
With an Australian security team that focuses on governance, we maintain a number of internal security working groups that report to the Board’s Government Security Committee. This approach ensures that we are continually reviewing and updating our security processes and procedures, to ensure they meet the highest Australian standards.
Information security at our company ensures that all types of information are protected from unauthorised access or modification and handled according to classifications.
We base our information security practices on threat detection, response and recovery from incidents. In practice we:
- Take a risk-based approach
- Know our threats
- Take appropriate and proportionate levels of response
- Streamline information management systems
- Continually build a security-conscious culture.
Our corporate ICT system has achieved ongoing certification with ISO27001 (Port Melbourne) and our development networks also achieve a high level of maturity against the ACSC Essential Eight. We also hold membership of the AiGroup Security Working Group.
Our security program also includes our products and services, where our team of security engineers works to a continuous improvement sovereign DevSecOps process. Our DevSecOps process has been developed to ensure that security is involved throughout the entire software development life cycle. Using the guidelines from the Australian Cyber Security Centre’s Information Security Manual, the ELSA security team is able to create a secure sovereign product that is ready for accreditation and delivery to our customers.
Our physical security program is managed locally by the ELSA security team, whose aim is to protect our people, assets and information. With long-standing experience in the Australian Defence industry, ELSA has a tradition of implementing a high standard of physical security controls. These controls are a based on Australian Government frameworks such as the Protective Security Policy Framework and ASIO Technical Notes.
ELSA’s personnel security program’s aim is to protect our people, brand, and our partners’ interests. Our program includes adhering to the AS4811:2022 Workforce Screening, which includes police background checks and ID verification through an approved document verification service. ELSA also maintains a security-cleared workforce that can be mobilised to meet project demands.
Our personnel security efforts are also boosted by our Trusted Insider Program, which collaborates with all areas of the company and includes training and awareness, as well as active threat detection. The aim of our Trusted Insider Program is to reduce the likelihood and impacts of any accidental or deliberate security incidents.
As a secure sovereign company, the Elbit Systems of Australia security team welcomes external feedback on any potential security risks or issues. If you wish to report something, please submit a detailed report to firstname.lastname@example.org