The ISM is updated quarterly, and intended for use by Chief Information Security Officers, Chief Information Officers, cyber security professionals and information technology managers.
In the latest ISM update, released on 15 September, the ACSC has provided the ISM in a new standardised machine-readable format known as OSCAL. OSCAL has been developed by the US National Institute of Standards and Technology (NIST). It supports a standardised way for organisations to track the implementation status of controls for their systems, through user-friendly dashboards within their governance, risk and compliance tools.
The ISM in OSCAL format is now available on the ACSC website.