ISM Controls

Having a resilient security posture is a difficult yet essential process for the protection of an organisations information and systems. The Australian Government Information Security Manual (ISM) provides valuable guidance and methodologies to achieve this cybersecurity resilience.

The ISM was updated in 2018 by the Australian Cyber Security Centre (ACSC) within the Australian Signals Directorate (ASD) with the aim of helping organisations to develop effective risk management frameworks that are capable of protecting their information and systems from cyber threats. The ISM is designed to complement the Protective Security Policy Framework by focussing on the protection of information assets and ICT systems instead.

The government conducts regular and extensive research into how these systems can be best protected and have translated this into the ISM manual for all organisations to consider when designing their risk management frameworks. The ISM specifically considers accountability, workflow and processes and provides guidelines that are intended for Chief Information Security Officers (CISO’s), Chief Information Officers (CIO’s), cyber security professionals and IT managers.

When it comes to cybersecurity, Agilient is one of the leading security consultancies in the country; blending both strategy and technology to address the most complex, high-priority cyber challenges in alignment with essential standards such as the ISM. Agilient’s consultants have the expertise to assist government agencies or non-government organisations to understand, adopt and maintain the ISM as part of the cyber security management framework.

At Agilient, we provide a range of services related to ISM controls, including:

  • Conducting formal security assurance reviews to help clients gain ISM Certification;
  • Performing a gap analysis and risk review;
  • Developing ISM-aligned policies;
  • Develop a Security Risk Treatment Plan (SRTP);
  • Conducting a Risk Controls Assessment to determine the level of maturity, alignment with industry best practices or compliance with internal, regulatory or industry published standards
Aligning with the ISM will ensure your organisation is benefitting from the highest standards of cyber security in Australia and can also help your organisation build trust and gain a competitive advantage. Contact Agilient today to learn more about how we can help your organisation implement the ISM.