The Australian Signals Directorate produces the Information security manual (ISM). The ISM is a cybersecurity framework that an organisation can apply, using their risk management framework, to protect their information technology and operational technology systems, applications and data from cyberthreats. The ISM is intended for chief information security officers, chief information officers, cybersecurity professionals and information technology managers.
Using the Information security manual
This chapter of the Information security manual (ISM) provides guidance on using the ISM.
Cybersecurity principles
Follow the Information security manual (ISM)'s cybersecurity principles to protect information technology and operational technology systems, applications and data from cyberthreats.
Cybersecurity guidelines
Practical guidance on how an organisation can protect their information technology and operational technology systems, applications and data from cyberthreats.
Cybersecurity terminology
This chapter of the Information security manual (ISM) provides guidance on cybersecurity terminology.
Archived ISM releases
List of archived ISM releases.
ISM OSCAL releases
List of current and previous ISM releases in the OSCAL format.
ISM feedback form
ISM feedback and enquiries.