Set up video or electronic surveillance
Capture video or other electronic evidence of activities to support a fraud investigation and prosecution.
Why this countermeasure matters
The prosecution must prove every element of an offence beyond reasonable doubt to convict someone. Poor or no video or electronic surveillance may lead to:
- difficulty in conducting investigations and prosecutions
- briefs of evidence being rejected by the Commonwealth Director of Public Prosecutions.
How to put this countermeasure in place
Some ways to implement this countermeasure include setting up video or electronic surveillance like:
- surveilling each building access point with closed circuit television
- putting Mobile Device Management software on mobile devices to track and disable
- monitoring the use of fleet vehicles with In-Vehicle Asset Management.
How to measure this countermeasure's effectiveness
Measure the effectiveness of this countermeasure using the following methods:
- Confirm that surveillance is switched on.
- Confirm surveillance processes are in compliance with the Australian Government Investigations Standards and other national guidelines or frameworks.
- Consult with investigators about what evidence is required to support an investigation.
- Review the surveillance output to confirm it would capture enough evidence to support an investigation.
- Check if the method of surveillance is reliable.
- Confirm and test (if required) surveillance output is stored securely.
- Confirm that surveillance output is available to investigators.
- Confirm that surveillance cannot be switched-off, deleted or altered, even by staff with privileged access.
- Confirm that surveillance when switched-off or altered is logged and that back-up copies are retained.
This type of countermeasure is supported by:
Limit access to systems, data, information, physical documents, offices and assets.
Limit and control functionality within systems with user permissions. Assign permissions to users based on specific business needs, such as making high-risk functions limited to specialised users. The Protective Security Policy Framework sets out the government protective security policies that support this countermeasure.
Limit and monitor privileged system accesses (those that allow staff, contractors and providers to perform special functions or override system and application controls). The Protective Security Policy Framework outlines the government protective security requirements to safeguard information from cyber threats, including to restrict administrative privileges.
Conduct system testing to identify vulnerabilities prior to release. Untested systems can allow vulnerabilities to be released into production environments.
Put protections in place to prevent data from being manipulated or misused.
Internal or external audits or reviews evaluate the process, purpose and outcome of activities. Clients, public officials or contractors can take advantage of weaknesses in government programs and systems to commit fraud, act corruptly, and avoid exposure.
Capture documents and other evidence for requests, claims and activities to detect, analyse, investigate and disrupt fraudulent activity.
Put in place processes for staff or external parties to lodge tip-offs or Public Interest Disclosures.