After fixing the ISM2012 XML release I stripped the layout and converted the 2012 edition of the Australian Government Protective Security Policy Framework into XML as well.

While I was knee-deep in the transform, I figured I'd have a go at mapping ISM controls from my 2012 XML edition of course. The included ISM2012 controls that I selected for mapping are a bit of a subjective interpretation and are not guaranteed to be complete; however it's a start.

Here is the top of the XML transform with the first Requirement so you get an idea on the format:

<framework>

<title>Protective Security Policy Framework December 2012</title>
<part>
    <title>Governance</title>
    <chapter>
        <title>Developing a security culture</title>
        <paragraph>
            <id>32</id>
            <content>To successfully deliver the Protective Security Policy Framework, agencies need to foster a professional culture and a positive attitude towards protective security.</content>
            <requirements>
                <requirement>
                    <name>GOV-1</name>
                    <para>Agencies must provide all staff, including contractors, with sufficient information and security awareness training to ensure they are aware of, and meet the requirements of the PSPF.</para>
                    <ctrl>0251,0252,0253,0255,0256,0922</ctrl>
                </requirement>
            </requirements>
        </paragraph>
    </chapter>
</part>

</framework>