Report a Security Incident

Courier companies must immediately contact the government agency when a security incident has occurred (or is occurring). In most circumstances, the courier company will know the best course of action to take, however, should a government agency want to determine the next best course of action to secure their consignment, they may do so. 

If the consignment has been tampered with, the government agency should receive the consignment, photograph all sides of the consignment, and note as many key details as possible. The consignment should be isolated and secured for further assessment. 

The government agency should report any security incidents to ASIO–T4 within five days of the incident. Government agencies are responsible for conducting their own security investigation into the security incident. ASIO–T4 is only responsible for assess the courier company against the Criteria however is available to provide advice to the agency on mitigation actions.

Courier companies must provide a detailed report of the security incident to the SCEC and government agency 14 days after the security incident is resolved.

Minor security incident include:

  • delivery of consignments exceeding the required timeframe by less than two hours;
  • use of non-SCEC-approved single-use envelopes or pouches;
  • couriers not providing photographic identification upon collection;
  • couriers not properly identifying the consignee or officer;
  • inaccurate tracking records; or
  • any other issue relating to a breach of security.

Major security incidents include:

  • delivery of consignments exceeding the required timeframe by greater than two hours;
  • delivery to unauthorised third party;
  • theft, loss or compromise of consignment; and
  • the handling of consignments by couriers who have not met the personnel security checking requirements.

Government agencies and courier companies are encouraged to report 'near-misses' to assist SCEC is identifying emerging threats or inadequate controls in the Criteria. Such reporting demonstrates the effectiveness of incident response protocols and will be considered positively in re-endorsement reviews. 

Please submit any security incidents using the SCEC Endorsed Courier Service Security Incident Report form.