Information Security Manual (ISM)

Content written for

Large organisations & infrastructure

Government

Attachments

The Australian Cyber Security Centre (ACSC) produces the Information Security Manual (ISM). The purpose of the ISM is to outline a cyber security framework that an organisation can apply, using their risk management framework, to protect their systems and data from cyber threats. The ISM is intended for Chief Information Security Officers, Chief Information Officers, cyber security professionals and information technology managers.

Using the Information Security Manual

This chapter of the Information Security Manual (ISM) provides guidance on using the ISM.

Cyber Security Principles

Follow the Information Security Manual (ISM)'s cyber security principles to protect systems and data.

Cyber Security Guidelines

Practical guidance on how an organisation can protect their systems and data from cyber threats.

Cyber Security Terminology

This chapter of the Information Security Manual (ISM) provides guidance on cyber security terminology.

Previous ISM releases

List of previous ISM releases.

ISM OSCAL releases

List of current and previous ISM releases in the OSCAL format.

ISM Feedback Form

ISM feedback and enquiries.

Acknowledgement of Country

We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.