History
- Priority
- must
- Jul 2019
- Removed
- Security controls 0064, 0809, 0904, 1531, 0805 and 1140 removed due to being covered by the new The Australian Government Information Security Manual executive overview.
- Jun 2019
- Security risks associated with the operation of a system are determined by a security assessment, and formally accepted by an authorising officer, before the system is authorised to operate.
- 2015
- Systems must be awarded accreditation before they are used to process, store orcommunicate sensitive or classified information.
- 2010
- Agencies must ensure that all systems are awarded accreditation before they are used to process, store orcommunicate information.
- 2008
- Agencies should ensure that systems are awarded ICT security accreditation before they are used operationally.