Infosec policy

Gateway Certification Guide

The Gateway Certification Guide (GCG) is designed to assist Australian Government agencies and service providers wishing to pursue certification, including recertification. The Gateway Certification process provides an independent assessment that an Australian Government agency or service provider's gateway has been configured and managed appropriately and that suitable safeguards have been implemented and are operating effectively. This assurance will give clients using the gateway a level of trust in the service provided.

The document also provides guidance and ideas to agencies considering secure gateway design, development or management issues, and can provide a reference for independent verification of any gateway.

Version 4.0.0 of the Gateway Certification Guide and Version 3.0.0 of the Gateway Certification Checklist were published in April 2008. These versions of the documents move gateway certification policy into greater alignment with ISM policy. This move towards policy consistency will make compliance and certification easier for government agencies and their service providers.

• Gateway Certification Guide v4.0.0 [PDF 202KB; DOC 250KB; ]
• Gateway Certification Checklist v3.0.0 [PDF 459KB; DOC 271KB; ]

• Gateway Certification Guide v3.4.3 [PDF 197KB; DOC 1.8MB; ]
• Gateway Certification Checklist v2.2.3 [PDF 200KB; DOC 208KB; ]