Cyber Security Principles
The foundational cyber security principles represent part of the continual effort over the last 12 months to transition the ISM from a compliance-based information security manual to a principles-based cyber security framework that organisations can apply, using their corporate risk management framework, to protect their systems and information from cyber threats.
With the release of these updated principles, government, industry and academia are strongly encouraged to consider the strategic guidance they provide when designing and implementing new systems and services.
Cyber Security Guidelines
The ISM also contains various cyber security guidelines covering governance, physical security, personnel security, and information and communications technology security. These guidelines assist and empower organisations to identify cyber security risks and select appropriate security controls to effectively manage these risks.
The guidelines also support organisations to be more flexible, enabling them to innovate and deliver creative, yet secure, online services for the Australian public.
Updates to the ISM are available at https://www.cyber.gov.au/ism.