DISP Security Management Plan — What It Must Cover and How to Write It

The Security Management Plan (SMP) is the centrepiece of your DISP application. It must document your organisation's security governance structure, risk management approach, personnel security procedures, ICT security controls (with Essential Eight ML2 evidence), physical security measures, and incident response procedures — all mapped to the four domains of the Defence Security Principles Framework. Incomplete or non-compliant SMPs are the single most common reason for DISP application rejection. DISPath provides a structured SMP development process with templates, evidence checklists, and expert review before submission.