History
- Priority
- must
- Nov 2018
- Removed
- Removed to ensure a focus on CISOs as the authority for all cyber security matters within organisations.
- 2017
- Agencies must appoint at least one executive, commonly referred to as an ITSM, to managethe day-to-day operations of information security within the agency, in line with the strategicdirections provided by the CISO or equivalent.
- 2015
- Agencies must appoint at least one executive, commonly referred to as an ITSM, to managethe day–to–day operations of information security within the agency, in line with the strategicdirections provided by the CISO or equivalent.
- 2010
- Agencies must appoint at least one ITSM.