What Is the ISM? The Australian Government Information Security Manual Explained

The Information Security Manual (ISM) is the Australian Signals Directorate’s cyber security framework for government and other systems that need a credible baseline. It sets out the cyber security principles and the controls a system is built and assessed against. An IRAP assessment measures a system against the ISM. It is updated through the year, applies by classification, and is a baseline, not a certification.

What is the Information Security Manual?

Start with what it is not. The ISM is not legislation, and it is not a certificate you pass. It is a manual: the Australian Signals Directorate’s catalogue of cyber security advice and controls, written and maintained by ASD and published free on cyber.gov.au. Government systems are designed against it and assessed against it. When an IRAP assessor reviews a system, the ISM is the yardstick.

It covers information technology and, increasingly, operational technology. It is written for government but used well past it. Banks, health providers and technology firms treat it as a credible Australian baseline. The controls are not abstract. They tell you to patch, to collect logs centrally, to encrypt with approved cryptography, to segregate networks. Specific, testable, and revised through the year.

What is inside the ISM: principles and guidelines

Two parts. The cyber security principles set the strategy; the cyber security guidelines hold the controls.

The principles are grouped into six functions: govern, identify, protect, detect, respond and recover. ASD restructured them into these six in March 2026, aligning the ISM with the international NIST Cyber Security Framework, and gave each principle a stable identifier (GOV-01 executive accountability, PRO-08 data protection, DET-01 centralised event logging, and so on). The guidelines sit beneath the principles and carry the actual controls, organised by topic: cryptography, system hardening, network security, identity and access management, data transfers and more. This is where a principle such as “collect and protect event logs centrally” becomes a specific requirement you can implement and evidence.

Function   What it covers
Govern     Accountability, leadership, risk management and assurance
Identify   Assets, business criticality, security and resilience requirements, risks
Protect    Secure design, access control, hardening, cryptography, backups, segmentation
Detect     Centralised logging, event detection, incident identification
Respond    Incident planning, response, reporting and lessons learnt
Recover    System recovery assurance and resumption of normal operations

How does the ISM apply by classification?

You do not apply every control. Each control carries an applicability marking, so you select the ones that match your system’s classification, then tailor.

The markings run from non-classified up to TOP SECRET: NC, OS, P, S and TS. A system processing PROTECTED data applies the controls marked P; a SECRET system applies those marked S, and so on. Here is the point teams miss: the control set is the same at OFFICIAL: Sensitive and PROTECTED. What changes between them is physical security, personnel clearance and network obligations, not the technical control baseline. SECRET adds more across all three. TOP SECRET sits outside the normal commercial cloud route and is assessed inside accredited government environments. Classification itself is set by the owning agency, which is why the data classification decides the scope of an assessment before any control is read.

Marking   Applies to
NC        Non-classified systems
OS        OFFICIAL: Sensitive systems
P         PROTECTED systems
S         SECRET systems
TS        TOP SECRET systems

How does the ISM relate to IRAP, the Essential Eight and the PSPF?

One sentence each. The ISM is the control set. IRAP is the independent assessment of a system against that control set. The Essential Eight is a small, high-value subset of it. The PSPF is the policy that decides when the assessment is required.

The Essential Eight is drawn from ASD’s broader Strategies to Mitigate Cyber Security Incidents, and ASD publishes a mapping between the two. Reaching Essential Eight Maturity Level Two is not full ISM compliance. It covers eight technical mitigations; the ISM covers governance, personnel, physical security, incident response and far more. On the policy side, the Protective Security Policy Framework requires outsourced IT and cloud services holding OFFICIAL: Sensitive, PROTECTED or SECRET data to be IRAP assessed against the ISM, and reassessed within 24 months against the latest version (PSPF requirement 0109). For how the three fit together in practice, see Essential Eight vs ISM vs IRAP.

How often does the ISM change, and what changed in 2026?

Often. ASD updates the ISM several times a year, so date your work to the version you used.

That cadence matters because an assessment is against a moving target. The June 2026 release added AI application controls, for example disabling an AI model’s direct access to external data on classified systems, requiring human approval for higher-risk AI actions, and baselining AI behaviour, and it added a control allowing suitable AI models to support detection of cyber security events. It also refined the cryptography principles and split several controls. PSPF requirement 0109 ties the two together: a cloud reassessment must be against the latest ISM at the time of assessment, so a certificate against a year-old version carries less weight. Treat the ISM version like a date, not a fixed thing. When you read “assessed against the ISM”, ask which one.

Does the ISM apply to private companies?

Not by law. The ISM binds non-corporate Commonwealth entities through the PSPF; it does not bind private companies directly.

That said, two things pull private organisations in. First, if you handle Australian government data through an outsourced or cloud service, the PSPF requires that service to be IRAP assessed against the ISM, so the ISM reaches you through the contract. Second, many Australian organisations with no government work still adopt it because it is free, locally relevant and respected. It is a baseline to build from, not a box to tick. The IRAP assessment process is how a system is formally measured against it, and our IRAP assessment service works to the same manual.

Frequently asked questions

Is the ISM mandatory?

It is mandatory for non-corporate Commonwealth entities through the PSPF. It is not law for private companies, but it reaches them through contracts for government work and is widely adopted as a voluntary baseline.

Is the ISM the same as the Essential Eight?

No. The Essential Eight is a small subset of mitigations drawn from the ISM’s broader strategies. Meeting the Essential Eight is not full ISM compliance; the ISM covers governance, personnel, physical and incident response controls the Essential Eight does not.

How many controls are in the ISM?

ASD does not fix a single number and it changes with each release. The guidelines hold many hundreds of controls across topics such as cryptography, hardening, network security and access management. You apply only those marked for your system classification.

Who can assess a system against the ISM?

For non-classified, OFFICIAL: Sensitive, PROTECTED and SECRET systems, an organisation’s own assessors or an IRAP assessor can do it. TOP SECRET assessments are undertaken by ASD assessors or their delegates.
Written by Gaurav Vikash, an ASD endorsed IRAP assessor and senior cyber security leader with 18 years of experience across Australia, the UK and Asia, including CISO and senior security leadership roles. He holds CISSP, CISA, CISM and CRISC and is an ISO 27001 and ISO 42001 Lead Implementer, and speaks regularly at industry conferences.

Sources:

  1. ASD, Information Security Manual, cyber.gov.au, June 2026
  2. ASD, The cyber security principles, cyber.gov.au, March 2026
  3. ASD, Using the Information Security Manual, cyber.gov.au, 2026
  4. ASD, Essential Eight explained, cyber.gov.au, 2026
  5. Protective Security Policy Framework, protectivesecurity.gov.au, 2024 release

Last updated: 21 June, 2026