ACSI 33

Introduction

The Australian Government Information and Communications Technology Security Manual
(also known as ACSI 33) has been developed by the Defence Signals Directorate (DSD)
to provide policies and guidance to Australian Government agencies on how to protect
their ICT systems.

Authority

Australian Government agencies are required by the Protective Security Manual (PSM)
to comply with ACSI 33. Agencies must consider the security implications of their IT
systems and devise policy and plans to ensure the systems are appropriately protected.
Although security needs will be greatest when national security classified or non-national
security classified information is being processed, even unclassified systems with no
special safety, mission critical, or financial implications should have some degree of
protection if a reliable or accurate service is to be maintained. 

Versions

There are two versions of the Manual. The SECURITY-IN-CONFIDENCE version contains the
security policies and guidance for all classifications. The UNCLASSIFIED version only
contains policies and guidance for the following classifications:
 PUBLIC DOMAIN,
 UNCLASSIFIED,
 IN-CONFIDENCE,
 RESTRICTED, and
 PROTECTED.

Releases

The manual will be released twice a year.

Only the first release of each year will be available in hardcopy; all other releases will
be in softcopy only. Changes introduced in these softcopy releases may include:

- amendments to individual blocks,

- addition of blocks to existing sections,

- addition of new sections, and

- deletion of blocks.

Distribution of the hardcopy will, where possible, be timed to coincide with the annual Security
In Government (SIG) conference run by the Attorney-General's Department.

Changes introduced in the hardcopy release may include:

- changes as listed above,

- addition, deletion or movement of chapters/parts, and

- re-numbering of all blocks.

The ACSI 33 homepage is located at:

	http://www.dsd.gov.au/library/infosec/acsi33.html