Skip to main content

A NSW Government website

Data.NSW

NSW Business Impact Levels Tool

Using the business impact levels tool

The business impact levels (BIL) tool provides parameters to assess potential damage from compromise of the confidentiality of information. The tool assists in the consistent classification of information and the assessment of impacts on government business. 

This tool considers potential impact on the:

  • individual
  • organisation
  • legal compliance 
  • compiled data
  • government
  • Australian economy
  • infrastructure
  • international relations
  • crime prevention, defence or intelligence operations.

 

BIL Tool Figure 1

 

The BIL tool has been modified slightly for use in NSW (see below). When assessing information using the tool all sub impact categories need to be used to make the assessment, and then the security classification should be set at the lowest reasonable level

The intent of the BIL tool is to provide a way of consistently assessing potential damage due to compromise of information, however the classifications also need to be practically applied. Limiting the dissemination of information due to security classification could also have a negative impact if the people who need to know are unable to view the information when they require it. A pragmatic and risk-based approach is recommended.

 

BIL Tool Figure 2

Assessing whether information is sensitive or security classified

Often it is the difference between assessing information as sensitive (requiring a DLM) or assessing the information as PROTECTED which causes the most concern for NSW agencies. Figure 3 describes a way to help determine if a document is sensitive or if a security classification is needed.

Figure 3: Assessing whether information is sensitive or security classified

Assessing info

 

Caveated information is described here.

Download the NSW Business Impact Levels Tool

 

Back a page 
Assessing information for its security classification and sensitivity
Next page 
Labelling different types of information


Last updated 12 Jul 2024