ACSC programs and advice are being migrated to (see sidebar)

Emanation Security Program

The Emanation Security Program sets out the requirements for government and industry agencies to be formally recognised by the national authority, the Australian Signals Directorate (ASD), to conduct emanation security practices to national standards.

All electronic information systems emit electromagnetic radiation. In some cases this can be related to the information being processed and may pose a security risk. Emanation security involves measures designed to deny unauthorised persons information of value that may be derived from the interception and analysis of compromising emanations.

The Australian Emanation Security Program Manual (ACSI 77 (B)) (PDF) provides guidance to commercial and government agencies wishing to participate in the program. Achievement of the accreditation standards allows for formal recognition by ASD. It also sets out the obligations of agencies once registered in the program.

Application forms for joining the Emanation Security Program are included as annexes to the manual.

The Emanation Security Program superseded the Australian Industrial TEMPEST Program (ACSI 77(A)) in 2006.

Certified Emanation Security Providers

Certified providers by ESP category (last updated June 2015)
Agency Contact A B Level 1 B Level 2 B Level 3 B Level 4 C
ASD Cyber and Information Security Division 1300 CYBER1 Authority Authority Authority Authority Authority Authority
Navy DNCNE NCIW (02) 6266 2834 Provisional Provisional
Army Accredited Test Services (03) 9319 5734 Provisional
Air Force 462SQN (08) 7383 5020 Endorsed Endorsed Provisional
Thales Australia (02) 9562 2744 Endorsed


For all enquiries, please contact the Emanation Security Manager on 1300 CYBER1.

In August 2018 ACSC launched a new website,, to reflect its new organisation.

Cyber security programs and advice are being migrated to Information and advice on this site remains current.

Reports help the ACSC to develop a better understanding of the threat environment and will assist other organisations who are also at risk.

Cyber security incident reports are also used in aggregate for developing new defensive policies, procedures, techniques and training measures to help prevent future incidents.

Information for Australian businesses
Information for individual Australian citizens
Information for Federal, State and Local government agencies