A quick way to determine differences between ISM updates
Welcome to the third edition in our series on cybersecurity and implementing the Information Security Manual (ISM), keeping you informed as frameworks race to address the evolving threat environment.
Perhaps you’ve been implementing or assessing a project with a specific version of the ISM in mind. However, the threat landscape has changed and you’d like to know if there’s any specific changes in the ISM security controls that are relevant to your project. Note that this should not detract from the cyber security principles as discussed in an earlier article.
One easy way to scan for changes to security controls is to open the System Security Plan Annex Template, available from Information Security Manual (ISM) | Cyber.gov.au.
From the ‘updated’ column (column F), you can toggle to only see security controls that have been updated in the editions since the version you last examined.
