ASD's Blueprint for Secure Cloud

Data Transfers

This page provides a template and guidance to assist organisations in documenting their approach to data transfers associated with their system(s) built on ASD's Blueprint for Secure Cloud.

Estimated reading time: 2 minutes

Data transfers


ISM controls relating to data transfers within <SYSTEM-NAME>’s system boundary are applicable to and covered by this section of the SSP.


Organisational policies and processes implemented

Data transfers associated with <SYSTEM-NAME> are performed in accordance with <SYSTEM-NAME>’s Data Transfer Process, which outlines the processes and methods that can be used to transfer data into or out of <SYSTEM-NAME>.

<ORGANISATION-NAME>’s Security Operations Centre (SOC) will monitor data transfer logs in accordance with <SYSTEM-NAME>’s Continuous Monitoring Plan.


Technical controls implemented

Technical controls for <SYSTEM-NAME>’s implementation of data transfers are configured with reference to ASD’s Blueprint for Secure Cloud including the following technical configurations:

  • Defender for Endpoint will scan all data copied onto Windows 11 devices
  • event logs are generated when data is transferred from a Windows 11 endpoint to external media. These Logs are then centrally stored and monitored.


Security & Governance


Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra