Victorian Government Leveraging Alyne to Manage Cyber Risk

The Victorian Government (Australia) is using Alyne to help manage its cyber security and risk management, including monitoring its compliance with the Australian Government's Information Security Manual (ISM).

As part of its service, Alyne has added full coverage support for the ISM’s 945 Controls to its content library. In addition to measuring its compliance with the 37 standards, laws and regulations that were already part of Alyne, the Victorian Government may now run assessments and manage cyber risks using Alyne’s ISM Control Sets.

The ISM, produced by the Australian Signals Directorate (ASD), assists Australian government agencies, organisations and entities in applying a risk-based approach to protecting their information and systems. The Controls are designed to mitigate the most likely threats to Australian government agencies, but may also be implemented by non-government entities, working with the government, to demonstrate compliance.

Comprising 945 Information Security Controls, the ISM is extremely comprehensive and can be fairly unwieldy in its native form. In Alyne the ISM Controls are split into 17 Control Sets, each covering a unique ISM topic, including Information Security Governance, Physical Security, Personnel Security, Communications Security and various other aspects of Information Security. As with all Alyne Controls, the ISM Controls can be filtered and arranged in any number of ways, to suit the relevant entity and its purpose. For example, a compliance assessment of an IT system classified as Protected against only the “must have” requirements of the ISM can be easily configured within minutes.

Contact our team at to learn how Alyne can help your ISM initiative or learn about how you can experience Alyne’s capabilities in a Proof of Concept.


Cyrus Ardeshirian

Related Posts

Library Update: KAIT

The Alyne Content Library has recently been updated with a Control Set covering KAIT (Kapitalverwaltungsaufsichtliche Anforderungen an die IT) – the German BaFin's supervisory requirements for IT in Fund and Asset Management, defined in the 11/2019 (WA) circular in the version as of October 1, 2019.

Library Update: Health Insurance Portability and Accountability Act (HIPAA)

The Alyne team has recently rolled out a brand new addition to the Content Library with a comprehensive mapping of The Health Insurance and Accountability Management Act (HIPAA). This mapping covers not only section 164.3xx (Security Standards), but also the rules outlined in section 164.4xx (Breach Notification) and section 164.5xx (Privacy Aspects).

Introducing SOX-in-a-Box: Alyne's Internal Control over Financial Reporting (ICFR)

We are very excited to introduce Alyne's new Internal Control over Financial Reporting (ICFR) Control Set, which further expands on Alyne's extensive Library of Financial Controls. In this article, you will gain insight into how Alyne's out-of-the-box ICFR Capabilities can provide your organisation with an extensive health check for SOX and SOC 1 compliance.