Resources
An Introduction to Artificial Intelligence
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Nov-23
This document provides readers with an understanding of what artificial intelligence (AI) is and how it may impact the digital systems and services they use.
An Introduction to Securing Smart Places
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Nov-22
Smart places are places that use smart technology (IT)-enabled systems to provide enhanced services to citizens. This document explores the key security risks of smart places and ways to mitigate risk.
Cloud Controls Matrix Template
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Jun-24
This template is intended for use by registered assessors to assess cloud service providers and the services they provide.
Cyber Incident Management Arrangements for Australian Governments
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Oct-22
Updated
Sep-23
This document provides guidance on how Australian governments can cooperate on responses to national cyber security incidents.
Cyber Security for Contractors
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Mar-12
Updated
Oct-21
This publication aims to help contractors to appropriately secure Australian Government information on their systems.
Cyber Security Incident Response Planning: Executive Guidance
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Sep-12
Updated
Apr-24
This page contains high-level guidance to help organisations understand how to prepare for and respond to cyber security incidents.
Cyber Security Principles
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Jun-24
Updated
Jun-24
The cyber security principles provide strategic guidance on how an organisation can protect its systems, applications and data from cyber threats.
Cyber Skills Framework
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Sep-20
Updated
Sep-20
This framework describes core cyber roles, capabilities, skills and proficiency levels.
Cyber Supply Chain Risk Management
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Nov-19
Updated
May-23
This information provides an overview of managing cyber supply chain risks with links to more detailed information.
Domain Name System Security for Domain Owners
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Jan-21
Updated
Oct-21
This publication provides information on Domain Name System (DNS) security for domain owners, as well as mitigation strategies to reduce the risk of misuse of domains and associated resources.
Domain Name System Security for Domain Resolvers
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Jan-21
Updated
Oct-21
This publication provides information on Domain Name System (DNS) security for recursive resolution servers, as well as mitigation strategies to reduce the risk of DNS resolver subversion or compromise.
Engaging with Artificial Intelligence
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Jan-24
This document provides organisations with guidance on how to use artificial intelligence (AI) systems securely.
Essential Eight Assessment Process Guide v2023
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Version
2023
Access
Open
Status
Active
Created
Nov-22
Updated
Nov-23
The Essential Eight is a set of cyber security risk mitigation strategies developed by the Australian Signals Directorate.
Essential Eight Assessment Report Template
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Nov-23
This template provides the content requirements of Essential Eight assessment reports. Assessors can use their own report templates for branding purposes, but all sections within this template must be included.
Essential Eight Explained v2023
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Version
2023
Access
Open
Status
Active
Created
Feb-17
Updated
Nov-23
The document provides a brief introduction to the implementation of a priority set of strategies to mitigate cyber security incidents.
Essential Eight Maturity Model and ISM Mapping
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Jan-19
Updated
Dec-23
Essential Eight is designed to protect organisations' internet-connected IT networks against cyber threats. This publication provides a mapping between the Essential Eight Maturity Model and the Information Security Manual (ISM).
Essential Eight Maturity Model Changes
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Nov-23
Essential Eight is designed to protect organisations' internet-connected IT networks against cyber threats. This resource describes the changes for the November 2023 update of the Essential Eight Maturity Model.
Essential Eight Maturity Model FAQs
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Jul-21
Updated
Apr-24
Essential Eight is designed to protect organisations' internet-connected IT networks against cyber threats. This information was developed to answer frequently asked questions on the Essential Eight Maturity Model.
Essential Eight Maturity Model v2023
Category
Standard
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Version
2023
Access
Open
Status
Active
Created
Jun-17
Updated
Nov-23
The Essential Eight Maturity Model describes three possible levels of maturity in an organisation's cyber security posture.
Example Essential Eight Assessment Test Plan
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Nov-23
This document describes mitigation strategies, test IDs, control descriptions and test methodologies for assessment against Essential Eight Maturity Level Three.
Example Essential Eight Assessment Test Plan - Maturity Level One
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Nov-23
This document describes mitigation strategies, test IDs, control descriptions and test methodologies for assessment against Essential Eight Maturity Level One.
Example Essential Eight Assessment Test Plan - Maturity Level Two
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Nov-23
This document describes mitigation strategies, test IDs, control descriptions and test methodologies for assessment against Essential Eight Maturity Level Two.
Gateway Security Guidance Package: Executive Guidance
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Jul-22
Updated
Jul-22
This guidance document helps organisations make informed risk-based decisions when designing, procuring, operating, maintaining or disposing of gateway services.
How to Manage Your Security When Engaging A Managed Service Provider
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Dec-18
Updated
Oct-21
This publication recommends strategies that organisations can use to manage security risks posed by engaging and authorising network access to managed service providers.
Identifying Cyber Supply Chain Risks
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Jan-21
Updated
May-23
This guidance helps organisations to identify risks associated with the businesses in their cyber supply chain.
Information Security Manual
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Updated
Jun-24
This manual provides strategic guidance for organisations to protect their information technology and operational technology systems, applications and data from cyber threats.
Information Security Manual (ISM)
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Updated
Mar-24
The Information Security Manual (ISM) outlines a cyber security framework that an organisation can apply, using their risk management framework, to protect their systems and data from cyber threats.
Information Security Manual (ISM) Fact Sheet
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Mar-24
This factsheet summarises the content changes for the March 2024 Information Security Manual (ISM) update.
IoT Secure-by-Design Guidance for Manufacturers
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Sep-20
This document provides cyber security guidance for manufacturers of Internet of Things (IoT) devices, such as drones, security cameras, smart televisions, solar inverters and other ‘smart’ devices.
Mergers, Acquisitions and Machinery of Government Changes
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Jul-19
Updated
Jun-22
This document dicusses the signifiacnt challenges to cyber security faced by organisations when they undergo change.
Planning for Critical Vulnerabilities - What Boards Need to Know
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Dec-23
This publication provides information on why it is important that Boards and their Directors are aware of and plan for critical vulnerabilities that have the potential to cause major cyber security incidents.
Preparing for and Responding to Denial-of-Service Attacks
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Sep-11
Updated
Mar-23
This document outlines how organisations can prepare for and potentially reduce the impact of denial-of-service attacks.
Restricting Administrative Privileges
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Jun-11
Updated
Nov-23
This publication provides guidance on how to effectively restrict administrative privileges.
Secure Administration
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Sep-15
Updated
Oct-21
This publication is designed to complement and expand on the guidance in the Information Security Manual (ISM).
Strategies to Mitigate Cyber Security Incidents
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Feb-10
Updated
Feb-17
This document provides strategies to help organisations mitigate cyber security incidents caused by various cyber threats.
Strategies to Mitigate Cyber Security Incidents – Mitigation Details
Category
Guidance Document
Organisation
Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)
Type
Standard
Access
Open
Status
Active
Created
Feb-10
Updated
Feb-17
This document helps organisations mitigate cyber security incidents caused by targeted cyber intrusions, ransomware, malicious insiders, business email compromise and threats to industrial control systems.