Department of Human Services NASH Modifications to Support Electronic Certificate Delivery

21
Oct

Cordelta was engaged by the Department of Human Services (DHS) to help them assess the risk of a proposed change to the National Authentication Service for Health (NASH) Public Key Infrastructure (PKI).

Our consultant reviewed the current risk profile of the NASH infrastructure, the technical risk arising from the proposed changes and current imperatives within the department. This helped to identify a number of remedies that could be used to manage risks and a number of opportunities for DHS to derive further benefits from the proposed changes.

The assessment was conducted in alignment with the DHS Risk Framework and in accordance with the following international standards:

  • AS/NZS ISO 31000:2009 Risk management – Principles and guidelines;
  • HB 167:2006 Security risk management; and
  • HB 327:2010 Communicating and consulting about risk.

Cordelta identified a number of opportunities for the department to improve its residual risk profile while improving the experience of the Australian Public in their interactions with NASH.