Information Security Manual (ISM) | Cyber.gov.au

The Australian Cyber Security Centre (ACSC) produces the Information Security Manual (ISM). The purpose of the ISM is to outline a cyber security framework that organisations can apply, using their risk management framework, to protect their systems and data from cyber threats. The ISM is intended for Chief Information Security Officers, Chief Information Officers, cyber security professionals and information technology managers.

Using the Information Security Manual

This chapter of the ISM provides guidance on using the Information Security Manual.

Cyber Security Principles

Follow the ACSC's cyber security principles to better understand how to protect systems and data.

Cyber Security Guidelines

The ISM is separated into a number of guidelines to assist organisations protect their systems and data from cyber threats.

Cyber Security Terminology

This chapter of the Information Security Manual (ISM) provides guidance on cyber security terminology.

Previous releases

List of previous ISM releases.

ISM OSCAL releases

List of current and previous ISM releases in the OSCAL format.

ISM feedback form

ISM feedback and enquiries

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.