I got my security clearance, now what?

I got my security clearance, now what?


If you just received your security clearance, first of all congratulations on getting through a likely tedious and lengthy process. But now that you have your security clearance, what does this mean and what are your ongoing obligations?

Your security clearance

Your clearance has a certain validity period and classification level depending on which level of clearance you obtained. Have a look at the table below.

Clearance Level
Validity Period
Classification
Baseline
15 years
PROTECTED
Negative Vetting 1 (NV1)
10 years
SECRET
Negative Vetting 2 (NV2)
7 years
TOP SECRET
Positive Vetting (PV)
7 years
TOP SECRET including caveated information

The classification levels relates to the level of classified material you could get access up to. This does not mean you can access ALL classified material up to that level, as you still require a 'need-to-know' to access any information, even those of lower classifications than you have clearance to.

All those TV shows that show a person who apparently has 'TOP SECRET' clearance complaining they cannot get into certain records, well that is actually extremely normal. Just because you have a clearance for TOP SECRET information, doesn't automatically mean you can access all documents to that level. You still must have a need-to-know to access that information. Within Penske, typically this would mean you are a member of the specific project and have a role that requires the information contained in the document(s).

Managers of security cleared staff do not automatically require security clearance, nor does it mean the Manager can access the same information their staff have access to.

You have likely gotten a security clearance because your role means you:
  1. Need to access classified material (whether digital, verbal or physical), and/or
  2. You need to physically access locations that require a security clearance, such as Navy vessels, prime contractor facilities, some areas of Defence bases etc.
You do NOT require a clearance to access OFFICIAL:Sensitive marked documents but such documents must be protected appropriately. See the Penske Data Classification Policy for more information.

Maintaining your clearance

Your clearance may be revoked due to numerous reasons including:
  1. Not reporting changes in circumstances
  2. Involvement in criminal activity
  3. Change in company role/position or project involvement
  4. Not meeting your security obligations as a clearance holder
The most common security obligations you need to follow as a clearance holder are:
  1. Reporting any Change of Circumstances
  2. Completing Travel Briefings and Debriefings before and after any international travel (whether personal or business related)
  3. Completing your mandatory security training as they get assigned to you from Penske Academy and from the IT department
  4. Act in a secure manner, including following company policies, AGSVA, and Defence policies and processes
  5. Protecting the information you have access to, and limiting the broadcast of your security clearance status to others




    • Related Articles

    • Obtaining a Defence security clearance

      Requesting a Defence security clearance can be done using the New Ticket form with the "Request a Security Clearance" layout option on the form. However, it is important to note the following requirements for requesting a clearance. The applicant ...

    • Penske Cyber Security Strategy 2023-2025

      Please find attached Cyber Secuity Strategy document for Penske Australia & New Zealand for 2023-2025.

    • Overseas travel requirements for security-cleared staff

      If you are a Defence security clearance holder, you must report all overseas travel, both business and personal, and be briefed before leaving and debriefed upon your return. Please read the below steps: Before your travel Complete these steps at ...

    • Overview of Penske's Information Security

      The attached document was created as an overview of Penske Australia & New Zealand's Information Security (InfoSec/Cyber Security) that can be provided to external parties as needed, such as during tenders and contract negotiations, or to provide a ...

    • Defence Industry Security Program (DISP) membership certificate

      Attached is a copy of Penske's Defence Industry Security Program (DISP) membership certificate, for use where another DISP member has requested the sighting of our DISP membership. Current Membership Levels Governance Personnel Physical ICT Level 2 ...