To work in the defence industry your business will need to meet the Department of Defence’s security requirements.

The Defence Industry Security Program (DISP) is the system that manages industry security practices.

Your business will need an appropriate level of membership in the DISP when it:

  • works on sensitive or classified information or assets
  • stores or transports Defence weapons or explosive ordnance
  • provides security services for Defence bases and facilities
  • is required to by Defence (these requirements usually apply to all businesses in a supply chain)

Generally you will work out whether you need to join DISP at the time you enter into a contract with Defence or with companies supplying to Defence. However, to get Defence-ready your business can self-nominate to join the DISP even if you don’t have a contract to supply to Defence.

Join the Defence Industry Security Program

The nomination process will guide you through the security standards you need to meet.

The DISP offers 4 levels of industry membership – from unclassified to top secret – that cover your business’s:

  • governance
  • physical security
  • personnel security
  • cyber security

Under the DISP, businesses no longer need separate memberships for each Defence contract, and can sponsor their own employees’ security clearances up to NV2.

The new DISP was launched in April 2019. If your business was a member of the previous DISP, you have 24 months to re-apply for membership under the new DISP. As part of the application Defence will consolidate multiple memberships under a single entity membership.

Check your cyber security risk

The Department of Defence and defence industry businesses expect their suppliers to understand cyber risk and have adequate cyber security.

You can use the Cyber Security Risk Tool to determine if your business is a likely target for cyber attacks and the maturity of your current cyber security practices.