ASD ISM — incremental change analysis
5
Added
1
Substantive
1
Clarification
1
Editorial
0
Relocated
0
Scope changes
3
Removed
1 · Change typology
2 · Classification footprint
Ceiling (highest level reached) / Floor (lowest level reached) — material changes
| Level | as ceiling | as floor |
|---|---|---|
| TOP SECRET | 6 | 0 |
| SECRET | 0 | 0 |
| PROTECTED | 0 | 0 |
| OFFICIAL: Sensitive | 0 | 0 |
| Non-Classified | 0 | 6 |
3 · Level-specific material changes
No level-specific material changes — every added/substantive control applies at all classifications (NC|OS|P|S|TS).
4 · Change location by chapter
5 · Control call-outs by category
Added — new controls (5)
| Control | Footprint | Location | Statement (excerpt) |
|---|---|---|---|
| ISM-1913 | NC|OS|P|S|TS | Guidelines for ICT Equipment › Hardening ICT equipment configurations | Approved configurations for ICT equipment are developed, implemented and maintained. |
| ISM-1914 | NC|OS|P|S|TS | Guidelines for System Hardening › Hardening operating system configurations | Approved configurations for operating systems are developed, implemented and maintained. |
| ISM-1915 | NC|OS|P|S|TS | Guidelines for System Hardening › Hardening user application configurations | Approved configurations for user applications are developed, implemented and maintained. |
| ISM-1916 | NC|OS|P|S|TS | Guidelines for System Hardening › Hardening server application configurations | Approved configurations for server applications are developed, implemented and maintained. |
| ISM-1917 | NC|OS|P|S|TS | Guidelines for Cryptography › Planning for post-quantum cryptography standards | Future cryptographic requirements and dependencies are considered during the transition to post-quantum cryptographic standards. |
Substantive amendments (1)
| Control | Edit dist | Location | Statement (excerpt) |
|---|---|---|---|
| ISM-0994 | 0.27 | Guidelines for Cryptography › Asymmetric/public key algorithms | ECDH is used in preference to DH. |
Clarifications (1)
| Control | Edit dist | Location |
|---|---|---|
| ISM-1446 | 0.14 | Guidelines for Cryptography › Using Elliptic Curve Cryptography |
Editorial / grammatical (1)
Cosmetic edits (normalised edit distance < 0.05). ISM-1867
Relocated (0)
0 cross-chapter moves (listed) · 0 intra-chapter section/topic reshuffles (count only).
Scope / applicability changes (0)
No control changed its classification reach this release.
Removed (3)
| Control | Footprint | Former location | Statement (excerpt) |
|---|---|---|---|
| ISM-0473 | OS|P | Guidelines for Cryptography | When using DSA for digital signatures, a modulus of at least 2048 bits is used. |
| ISM-1630 | OS|P | Guidelines for Cryptography | When using DSA for digital signatures, a modulus and associated parameters are generated according to FIPS 186-4. |
| ISM-1760 | S|TS | Guidelines for Cryptography | DSA is not used for digital signatures. |
Method. Controls only (ISM-principles excluded). A content modification requires ASD's native
revision/updated stamp to move (1 prose-only re-renders excluded as format noise). Relocation compares case/spelling-normalised chapter›section›topic paths. Nature = normalised edit distance (editorial <0.05, clarification <0.25, substantive ≥0.25 — uncalibrated). Footprints normalised across schemes (O→OS, ALL→NC|OS|P|S|TS); pre-Dec-2024 NC imputed.Generated by ISMexplorer v1.0.0 — longitudinal and per-release analysis of ASD Information Security Manual control changes.
Information Security Manual (ISM) published by Australian Signals Directorate / Australian Cyber Security Centre and © Commonwealth of Australia 2022-2026;
ISMexplorer analysis tool and publication © Baden Hughes, 2022-2026
ISMexplorer analysis tool and publication © Baden Hughes, 2022-2026