General system documentation
Estimated reading time: 3 minutes
ASD’s Blueprint for Secure Cloud (the Blueprint) does not provide guidance or templates for general system documentation as required by ASD’s ISM. However, this page is provided as a check list and placeholder for organisations to refer to when reviewing, developing and updating documentation their documentation associated with system(s) built on the Blueprint.
Approved Supplier List
An Approved Supplier List is a requirement of ISM control ISM-1786.
Continuous Monitoring Plan
A Continuous Monitoring Plan is a requirement of ISM control ISM-1163.
Cyber Security Awareness Training
Cyber Security Awareness Training is a requirement of ISM control ISM-0252.
Cyber Security Incident Register
A Cyber Security Incident Register is a requirement of ISM control ISM-0125.
Cyber Security Incident Response Plan
A Cyber Security Incident Response Plan is a requirement of ISM control ISM-0576.
Data Backup Process and Procedures
Data Backup Process and Procedures are a requirement of ISM control ISM-1547.
Data Restoration Process and Procedures
Data Restoration Process and Procedures are a requirement of ISM control ISM-1548.
Data Transfer Process and Procedures
Data Transfer Process and Procedures are a requirement of ISM control ISM-0663.
Denial of Service (DoS) Response Plan for Video Conferencing and IP Telephony
A DoS Response Plan for Video Conferencing and IP Telephony is a requirement of ISM control ISM-1019.
ICT Equipment Destruction Process and Procedures
ICT Equipment Destruction Process and Procedures are a requirement of ISM control ISM-1741.
ICT Equipment Disposal Process and Procedures
ICT Equipment Disposal Process and Procedures are a requirement of ISM control ISM-1550.
ICT Equipment Maintenance and Repair Standard Operating Procedures (SOPs)
ICT Equipment Maintenance and Repair SOPs are requirements of ISM controls ISM-0305, ISM-0307, ISM-0306, ISM-0310, and ISM-1510.
ICT Equipment Register
An ICT Equipment Register is a requirement of ISM controls ISM-0336 and ISM-1548 for networked and non-networked ICT equipment respectively.
ICT Equipment Sanitisation Process and Procedures
ICT Equipment Sanitisation Process and Procedures are a requirement of ISM control ISM-0313.
Media Destruction Process and Procedures
Media Destruction Process and Procedures are a requirement of ISM control ISM-0363.
Media Disposal Process and Procedures
Media Disposal Process and Procedures are a requirement of ISM control ISM-0374.
Media Sanitisation Process and Procedures
Media Sanitisation Process and Procedures are a requirement of ISM control ISM-0348.
Mobile Device Emergency Sanitisation Process
Mobile Device Emergency Sanitisation Process are a requirement of ISM control ISM-0701.
Overseas Travel Processes and Procedures
Overseas Travel Processes and Procedures are a requirement of ISM controls ISM-1554, ISM-1555, ISM-1088, ISM-1300, and ISM-1556.
Vulnerability and Patch Management Process and Procedures
Vulnerability and Patch Management Process and Procedures are a requirement of ISM control ISM-1143
Plan of Actions and Milestones
A Plan of Actions and Milestones is a requirement of ISM control ISM-1564.
Removable Media Register
A Removable Media Register is a requirement of ISM control ISM-1713.
System Administration Process and Procedures
System Administration Process and Procedures are a requirement of ISM control ISM-0042.
Trusted Insider Program
A Trusted Insider Program is a requirement of ISM control ISM-1625.