Skip to main content

Australian Government Information Security Manual updated

The Australian Signals Directorate (ASD)’s Australian Cyber Security Centre (ACSC) has released updates to the Australian Government Information Security Manual (ISM) to help organisations set the strategic framework for protecting their systems and information from cyber threats.

Cyber Security Principles

The foundational cyber security principles represent part of the continual effort over the last 12 months to transition the ISM from a compliance-based information security manual to a principles-based cyber security framework that organisations can apply, using their corporate risk management framework, to protect their systems and information from cyber threats.

With the release of these updated principles, government, industry and academia are strongly encouraged to consider the strategic guidance they provide when designing and implementing new systems and services.

Cyber Security Guidelines

The ISM also contains various cyber security guidelines covering governance, physical security, personnel security, and information and communications technology security. These guidelines assist and empower organisations to identify cyber security risks and select appropriate security controls to effectively manage these risks.

The guidelines also support organisations to be more flexible, enabling them to innovate and deliver creative, yet secure, online services for the Australian public.

Updates to the ISM are available at