Standards and other architectural guidance

Whole-of-Government standards provide consistent guidance to agencies including fundamental best practice building blocks, agreed decisions and thresholds that form the basis for increasing standardisation to digital and ICT investment, design and delivery across Government.

Existing Whole-of-Government standards and blueprints include:

  • Protected Utility Blueprint
  • Trusted Digital Identity Framework.

Protected Utility Blueprint

The Protected Utility Blueprint is a blueprint of a design for a secure, modern desktop for government agencies based on Microsoft 365.

Strategy Alignment

Digital Government Strategy: Outcome 4


Use of the Protected Utility Blueprint is not mandatory, agencies can choose to adopt the blueprint to help transition to cloud-based capability.

This blueprint is designed to:

  • standardise how government agencies operate their desktops
  • improve collaboration within and across agencies
  • help achieve a cyber security uplift across government
  • help agencies transition to cloud-based capability and adopt the blueprint. 


The Protected Utility Program partners with agencies to assess their cloud readiness and support their transition to the blueprint. This can include establishing cloud connectivity, training, security advice and assurance, as well as change management support, so agencies can successfully implement a modern workplace.

The Program also provide agencies with a range of tools and support mechanisms, such as the Protected Utility Program online community, to help them through the process.

The DTA, in conjunction with Microsoft, also provides training to public servants to increase their cloud skills and capability.

For more information visit: Protected Utility for government | Digital Transformation Agency (

Trusted Digital Identity Framework

TDIF is a framework that outlines the strict rules and standards for all providers and services within Australia's digital identity system.

Strategy Alignment

Digital Government Strategy: Outcome 1, Outcome 2, Outcome 3


Organisations and government agencies can apply for TDIF accreditation and undergo a series of assurance evaluations for their Digital Identity service. There are four (4) accreditation roles available:

  • identity providers
  • credential providers
  • identity exchange
  • attribute providers.


The TDIF is currently made up of 13 policies. To become a TDIF accredited provider, applicants are required to demonstrate how their Digital Identity service meets requirements for:

  • accessibility and usability
  • privacy protection
  • security and fraud control
  • risk management
  • technical integrity and more.


The TDIF also includes guidance material and templates to support providers to meet TDIF requirements.

For more information visit: Trusted Digital Identity Framework (TDIF) | Digital Identity