Information Security Manual ( Ism )

1884 Words Apr 14th, 2016 8 Pages
2. Information Security
2.1 Research
Information Security Manual
The Information Security Manual (ISM) is produced by the Australian Signals Directorate under the Department of Defence (Australian Signals Directorate, 2016). The Information Security Manual is the standard which governs the security of government ICT Systems and it complements the Protective Security Policy Framework.
The ISM guides departments in how to ensure their information is secure. The ISM states that “Information is a continual process, one that extends beyond ensuring that s system is secure at the time of deployment (Department of Defence- Intelligence and Security, 2015).” It includes managing, detecting and reporting cyber security threats and well as information on other types of security relevant to the organisation. In relation to physical security it states best practise, this includes “limiting access to facilities, servers, network devices, ICT equipment and media to authorised personnel only by applying appropriate physical security controls (Department of Defence- Intelligence and Security, 2015).”
Protective Security Policy Framework
The Protective Security Policy Framework (PSPF) information security management protocol specifies information security controls to be used to satisfy information security mandatory requirements (Attorney-General 's Department, 2015). This protocol includes security classifications, risk management for outsourced ICT arrangements, agency cyber…
Open Document