About This File
Applying monthly ISM updates
Please note: There is no requirement for organisations to immediately implement monthly updates to the Australian Government Information Security Manual (ISM). Instead, organisations are encouraged to review the security risks for their systems (using the latest version of the ISM available at the time) based on a frequency suitable for their business requirements and in accordance with their corporate risk management framework. For example, every month, every three months (quarterly), every six months (semi-annually) or every year (annually).