miércoles, 24 de agosto de 2011

ISM – Information Security Manual - June 2011 (Australian Government)


The Defence Signals Directorate (DSD) produces the Australian Government Information Security Manual (ISM). The manual is the standard which governs the security of government ICT systems. It complements the Protective Security Policy Framework.
  • - Current edition published online June 2011. Control 545 has been deleted, 536 has been re-worded, 1161 and 1162 have been added to cover cryptographic requirements for IN-CONFIDENCE.
  • - Latest printed edition published November 2010.
  • - Additional ISM resources including change summaries and self-assessment checklists are available from the members-only area of OnSecure.
  • - ISM was called ACSI 33 until 2005.


Objective
The Australian Government Information Security Manual is used for the risk managed protection of  information and systems.

The purpose of this manual
The purpose of this manual is to apply a risk managed approach to the protection of information and  systems in government.

Target audience
The target audience for this manual is security personnel. This includes, but is not limited to:
• security executives, CISOs and CSOs
• ASAs and ITSAs
• ITSMs and ITSOs
• infosec-registered assessors.