Exclusive Secret Cable Bundling in Infrastructure
SECRET cables must be kept separate in their own bundles or conduits to enhance security.
🏛️ Framework
ASD Information Security Manual (ISM)
🧭 Control effect
Preventative
🔐 Classifications
S
🗓️ ISM last updated
Feb 2023
✏️ Control Stack last updated
22 Feb 2026
🎯 E8 maturity levels
N/A
Section
Cabling infrastructureSECRET cables, when bundled together or run in conduit, are run exclusively in their own individual cable bundle or conduit.
Source: ASD Information Security Manual (ISM)
Plain language
This control requires that cables carrying secret information have their own separate pathways, like their own special pipes, to keep them safe and secure. If this isn't done, confidential information might accidentally get mixed with less secure cables, exposing secrets to unauthorised access or cyber threats.
Why it matters
Bundling SECRET cables with other services increases the risk of compromise via mis-termination, tampering or signal leakage, causing a SECRET data spill or breach.
Operational notes
Inspect and label cable routes so SECRET runs remain in dedicated bundles/conduit; record moves/adds/changes and fix any mixed routing immediately.
Implementation tips
- The IT manager should identify all cables used for transmitting secret information within the organisation. They can do this by consulting with any staff responsible for handling secret data and reviewing infrastructure diagrams to pinpoint where these cables run.
- Facilities management should separate secret cables into their own exclusive conduits or bundles. This can be done by first mapping existing cabling routes and then installing new conduits where necessary, ensuring they do not mix with cables of other classifications.
- The security officer must ensure that all installations comply with security policies. They should verify that installation guides follow the standards set by the Australian Signals Directorate (ASD) regarding cabling practices for secret information.
- Systems administrators should regularly inspect these cable installations to ensure they remain separate and are not tampered with. Conduct visual inspections and use checklists that clarify what constitutes proper separation as per the guidelines.
- Organisation management should schedule regular training for relevant staff on the importance of cable separation. This includes explanations of the potential risks of non-compliance and instructions on how to report any issues with cabling infrastructure.
Audit / evidence tips
-
Ask: a cabling map or layout plan: Request documented maps that show where secret cables run through the building
Good: is a detailed diagram showing these separations clearly marked and labelled
-
Good: includes specific measures taken to avoid mixing secret cables with others
-
Ask: any emails or memos that communicated the requirement to keep secret cables separated. Check that these communications clearly outline the importance and procedures of doing so
Good: includes disseminated instructions recognised by all involved parties
-
Good: is a signed report indicating regular checks and results
-
Ask: records of training sessions regarding cable handling and separation. Ensure training is conducted regularly and includes up-to-date methods and policies
Good: is documented evidence of recent sessions with attendance records
Cross-framework mappings
How ISM-0187 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| Partially meets (1) | ||
| Annex A 7.12 | ISM-0187 requires SECRET cables, when bundled together or run in conduit, to be run exclusively in their own individual cable bundle or c... | |