2 mins read

DESE ISM Control Updates

The DESE ISM Scheme will continue to receive updated control releases to combat the ever-changing cybersecurity landscape.

In this blog, we will uncover the updates to the DESE ISM Scheme controls, as they are updated and announced by the Australian Cyber Security Centre.

September 2021

The September changes to the ACSC Information Security Manual (ISM)  have now been published. DESE ISMS Scheme participants will need to update their ISMS to incorporate the changes to the ISM, and are reminded that their SoA is required to be maintained to a version of the ISM that is no more than 3 months old.

Category updates include:

  • Alignment with ML2 and ML3 of the updated Essential Eight Maturity Model
  • Patching of drivers and firmware
  • Bringing radio frequency and infrared devices into highly classified areas
  • Foreign nationals accessing PROTECTED systems
  • Approval for use of mobile devices with highly classified data
  • Complexity requirements for passphrases
  • Virtualisation requirements for public cloud services
  • Use of WPA3 as an ASD approved cryptographic protocol
  • Use of Enhanced Mitigation Experience Toolkit (EMET)
  • Sanitising network devices
  • Minor changes

For more details on these changes, click here.

Keep Up-To-Date on the Latest DESE ISM Controls

Subscribe below to be the first to be the first to know when these updates occur.

Contact us to discuss your DESE ISM Scheme audit requirements

Contact Us

Sales Enquiries


Not a sales enquiry? Click here to view our office locations and contact details.
Chat with us