The Irrational Security Monologue

Top Articles

1414. ISM2018 September Release - The Good, the Bad and the Ugly
1413. ASD Seeking Consultation for ISM
1376. ISM2016 May Release - The Good, the Bad and the Ugly
1328. ISM2017 September Release - The Good, the Bad and the Ugly
1071. ISM Controls Checklist Builder
980. ISM2016 Draft Release
842. Ionize IRAP Checklist Builder
812. The PSPF Update for INFOSEC 4
810. Puff-Puff-Pass the Hash
798. The bad ju-ju of X11
782. ISM2014 February Release
756. The ISM Word Cloud

So today I finished fixing up a whole heap of transcription errors between the released PDF and my ISM2014-02 data import (cheers to the ISM-Beta Guys); and for funzies I've pushed out three of the static HTML versions of the ISM data that I have been playing around with. What's great about these versions is you can save the page as a self-contained HTML file and it is portable to another system. Check them out here:...

Good news, after a complete rebuild of the XML schema used to store the ISM for the ISM2014-Draft I have now completed doing the back conversion of the released PDF version to XML.

Updates include brand new diagrams (specifically related to Cross Domain Solutions) a whole bunch of revisions to existing guidance, here's some stats:...

So I've jumped off the deep-end and put all my planning and thoughts about a mobile ISM application, into an actual application! I've moved on from the Web-Based view of the ISM as a bunch of HTML files as an application to actually writing a cross-compile web application. OK I got lazy and started using Monaca which I've been really enjoying....

So I was having a good read of the ISM2014-Draft while trying to transcribe it and I spotted a heading missing from the "Managing Cyber Security Incidents"; so like always I shot off an email to the ISM Team and they actually responded with a thank-you. Achievement Unlocked!...

So as promised, I have been working at transcribing the full ISM2014-Draft PDF with all 933 Controls into my project. 128 of these controls were changed according to ASD, however they forgot to update one control they changed, so it's actually 129. I was adding the Glossary/Reference section to the end of the document, but I came to realize that this will probably be brand new when the official version is finally released, so there is little point for now....

Good news, I have now finished exporting out the latest revision of the ISM2013-08 for Lumension RiskManager. As before this DataPack contains the full document guidance mapped to all ISM Controls; I believe there is talks of releasing a PSPF version as well which is cross-linked using my mapping....

So the next revision of the Australian Governments most confusing and disjointed Information Security compliance document has been revised; with an eye trained on the new Mandatory Requirement: INFOSEC 4....