As part of its service, Alyne has added full coverage support for the ISM’s 945 Controls to its content library. In addition to measuring its compliance with the 37 standards, laws and regulations that were already part of Alyne, the Victorian Government may now run assessments and manage cyber risks using Alyne’s ISM Control Sets.
The ISM, produced by the Australian Signals Directorate (ASD), assists Australian government agencies, organisations and entities in applying a risk-based approach to protecting their information and systems. The Controls are designed to mitigate the most likely threats to Australian government agencies, but may also be implemented by non-government entities, working with the government, to demonstrate compliance.
Comprising 945 Information Security Controls, the ISM is extremely comprehensive and can be fairly unwieldy in its native form. In Alyne the ISM Controls are split into 17 Control Sets, each covering a unique ISM topic, including Information Security Governance, Physical Security, Personnel Security, Communications Security and various other aspects of Information Security. As with all Alyne Controls, the ISM Controls can be filtered and arranged in any number of ways, to suit the relevant entity and its purpose. For example, a compliance assessment of an IT system classified as Protected against only the “must have” requirements of the ISM can be easily configured within minutes.