Information Security Manual (ISM) - March 2021

By : 6clicks
The ISM provides information security guidelines for the handling of Australian Government official information.
In stock


This download includes the ISM controls as of March 2021. There are no mapped questions. Use this download if you just want the provisions and want to create your own question set. If you need help with an assessment you may like to engage a service provider including an IRAP assessor.

The purpose of the Australian Government Information Security Manual (ISM) is to outline a cybersecurity framework that organisations can apply, using their risk management framework, to protect their systems and information from cyber threats.

The ISM is primarily targeted towards Australian Government departments and agencies that handle Australian Government official information, including service providers.

The ISM (March 2021 release) includes 772 controls across the following 22 guidelines:

- Guidelines for Cyber Security Roles

- Guidelines for Cyber Security Incidents

- Guidelines for Outsourcing

- Guidelines for Security Documentation

- Guidelines for Physical Security

- Guidelines for Personnel Security

- Guidelines for Communications Infrastructure

- Guidelines for Communications Systems

- Guidelines for Enterprise Mobility

- Guidelines for Evaluated Products

- Guidelines for ICT Equipment Management

- Guidelines for Media Management

- Guidelines for System Hardening

- Guidelines for System Management

- Guidelines for System Monitoring

- Guidelines for Software Development

- Guidelines for Database Systems Management

- Guidelines for Email Management

- Guidelines for Network Management

- Guidelines for Using Cryptography

- Guidelines for Gateway Management

- Guidelines for Data Transfers and Content Filtering

Getting Started

Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.

More Information

More Information
Jurisdiction Australia
Type Laws or related obligations