Memory integrity functionality is enabled
Ensure features that protect memory from exploits are enabled to prevent unauthorized code execution.
Plain language
Having memory integrity functionality enabled means your computer can better protect itself from harmful software trying to take over by hiding in your computer's memory. Think of it as adding an extra layer of bubble wrap to keep your important stuff safe. Without it, attackers can run bad software that might steal your information, slow down your systems, or cause costly disruptions.
Framework
ASD Essential Eight
Control effect
Preventative
E8 mitigation strategy
Restrict administrative privileges
Classifications
N/A
Official last update
N/A
Control Stack last updated
19 Mar 2026
E8 maturity levels
ML3
Official control statement
Memory integrity functionality is enabled.
Why it matters
Without memory integrity, attackers can exploit kernel memory flaws to gain high privileges, risking data theft and full system compromise.
Operational notes
Use Windows Security/Device Security or PowerShell to confirm Memory Integrity (HVCI) stays enabled, and investigate any changes after driver or OS updates.
Implementation tips
- The IT team should ensure memory integrity is turned on for all computers by checking the security settings within the operating system and then activating it where needed.
- System administrators must regularly update computer systems to the latest versions, as these updates often include important security features like memory integrity.
- Security officers should train staff on recognising the importance of enabling security features, including memory integrity, to prevent disabling them by accident.
- System administrators should verify that all computers have compatible hardware that can support memory integrity, ensuring that the feature can be turned on successfully.
Audit / evidence tips
-
AskHave you enabled memory integrity on all applicable systems?
-
GoodAll systems show memory integrity as enabled in their configuration logs, with no exceptions
-
AskHow frequently do you review the compatibility of systems with the latest security updates including memory integrity?
-
GoodMaintenance records show that memory integrity compatibility and status are checked and updates are applied every month
Cross-framework mappings
How E8-RA-ML3.4 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ASD ISM
| Control | Notes | Details |
|---|---|---|
| layers Partially meets (2) expand_less | ||
| ISM-1409 | E8-RA-ML3.4 requires enabling memory integrity functionality as a specific hardening measure against exploitation | |
| ISM-1492 | E8-RA-ML3.4 requires memory integrity functionality to be enabled to harden systems against memory-based exploitation and unauthorised co... | |
| sync_alt Partially overlaps (1) expand_less | ||
| ISM-1745 | E8-RA-ML3.4 requires memory integrity functionality to be enabled to reduce the likelihood of successful memory exploitation | |
| link Related (1) expand_less | ||
| ISM-1896 | E8-RA-ML3.4 requires memory integrity functionality to mitigate memory-based attacks and unauthorised code execution | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.