Ensure Separate Cabinets for TOP SECRET Patch Panels
TOP SECRET patch panels must be within their own separate cabinets to enhance security.
Plain language
This control means that if you're dealing with highly sensitive information, known as 'TOP SECRET', the cables that connect to these systems should be kept in their own locked cabinet. Doing this helps ensure that no unauthorised person can tamper with the connections and steal or modify this crucial data.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
TS
ISM last updated
Feb 2023
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Section
Cabling infrastructureOfficial control statement
TOP SECRET patch panels are installed in individual TOP SECRET cabinets.
Why it matters
If TOP SECRET patch panels are not housed in individual TOP SECRET cabinets, unauthorised access or tampering could expose classified network links and compromise confidentiality.
Operational notes
Verify each TOP SECRET patch panel is installed in its own TOP SECRET cabinet; check cabinet labels, locks and seals, and record access to each cabinet in the access log.
Implementation tips
- Facilities manager should work with the IT team to identify which patch panels handle TOP SECRET information. This involves reviewing current cable management practices and marking which panels need enhanced physical security.
- The IT team should source suitable cabinets designed specifically for security, ensuring they have features such as high-quality locks. Consult with a trusted supplier to choose cabinets that meet the Australian Government security guidelines.
- An office manager should designate and restrict access to the room where these cabinets are located. This could involve updating access cards so only those with a TOP SECRET clearance can enter.
- IT should regularly audit who has access to the TOP SECRET cabinets. This includes maintaining an access log to record who opens these cabinets and when. Review logs monthly to ensure there are no irregularities.
- HR should ensure that all personnel with access to these cabinets are appropriately cleared. This involves checking staff clearances and ensuring they understand the importance of maintaining the confidentiality of the information.
Audit / evidence tips
-
Askthe floor plan showing cabinet locations: Request a map of the facility marking the locations of the TOP SECRET cabinets
Goodshows an up-to-date map with all relevant cabinets clearly marked
-
Askto see the access control logs for the cabinet room: Examine the entry records for any unapproved entry attempts. Good records will show timestamps, names of individuals accessing, and verification checks
-
Askthem to describe the security protocols they follow for managing TOP SECRET patch panels. A detailed explanation of procedures and secure practices indicates effective implantation
-
Goodresult shows no signs of tampering and robust security hardware
Cross-framework mappings
How ISM-0216 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| layers Partially meets (1) expand_less | ||
| Annex A 7.3 | ISM-0216 mandates a specific physical protection measure for TOP SECRET communications infrastructure by requiring patch panels to be hou... | |
| sync_alt Partially overlaps (1) expand_less | ||
| Annex A 7.8 | Annex A 7.8 requires equipment to be securely sited and protected from unauthorised access and damage | |
| link Related (1) expand_less | ||
| Annex A 7.5 | Annex A 7.5 requires organisations to implement protections against physical threats to infrastructure, including preventing unauthorised... | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.