ATO Policy Management Authority

The ATO PMA is responsible for the creation of policy unique to the operation of the ATO PKI. The ATO PMA is responsible for setting, implementing and administering policy decisions throughout the ATO PKI, with the CEO, OGO having final authority in matters that affect accreditation of the ATO CA and ATO OCA, and any policy issues that effect the operation of the Gatekeeper strategy and the use of PKI technology on a whole of government basis.

The ATO PMA will include representatives from the ATO, the Office for Government Online (OGO), the Australian Government Solicitor (AGS), the Defence Signals Directorate (DSD) and another Commonwealth agency to be agreed by the first four members of the ATO PMA jointly. (That agency should be outside the Treasury portfolio.)

Functions

The ATO PMA performs the following functions:

1. Formulate new policy and policy changes.
2. Submit new or changed policy to the CEO, OGO for Gatekeeper approval as appropriate.
3. Ensure that revised versions of the CP, and the CPS are implemented.

Discharge of Responsibilities

The ATO PMA will discharge its responsibilities by working through the Assistant Commissioner Electronic Services Delivery to:

4. Review the documentation required for the operation of the ATO PKI including the documentation for Gatekeeper accreditation.
5. Review the adequacy of the procedures for the management of the ATO PKI, particularly to ensure the trust of taxpayers in the system.
6. Follow up action on recommendations from audit reports and other reviews.
7. Approve changes to the documentation required for the operation of the ATO PKI.
8. Confirm that the ATO CA's Keys and Certificates have been issued and managed in accordance with the ATO CPS and the ATO CP PO01a.

Last Modified: Friday, 23 April 2004