The Australian Signals Directorate produces the Information Security Manual (ISM). The ISM is a cyber security framework that an organisation can apply, using their risk management framework, to protect their information technology and operational technology systems, applications and data from cyber threats. The ISM is intended for Chief Information Security Officers, Chief Information Officers, cyber security professionals and information technology managers.
Using the Information Security Manual
This chapter of the Information Security Manual (ISM) provides guidance on using the ISM.
Cyber Security Principles
Follow the Information Security Manual (ISM)'s cyber security principles to protect information technology and operational technology systems, applications and data from cyber threats.
Cyber Security Guidelines
Practical guidance on how an organisation can protect their information technology and operational technology systems, applications and data from cyber threats.
Cyber Security Terminology
This chapter of the Information Security Manual (ISM) provides guidance on cyber security terminology.
Archived ISM releases
List of archived ISM releases.
ISM OSCAL releases
List of current and previous ISM releases in the OSCAL format.
ISM Feedback Form
ISM feedback and enquiries.