Secure Separation of Non-TOP SECRET and TOP SECRET Panels
Install barriers and restrict access to mix different security level patch panels in cabinets.
Plain language
This control is about making sure that when you have equipment for handling regular and highly classified information in the same cabinet, they don't mix up. Think of it like storing your regular and secret files in a drawer: you'd want a divider between them and only let very trusted people access the drawer. This matters because if the equipment gets mixed, sensitive information might accidentally get exposed.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
TS
ISM last updated
Feb 2023
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Section
Cabling infrastructureOfficial control statement
Where spatial constraints demand non-TOP SECRET patch panels be installed in the same cabinet as a TOP SECRET patch panel: - a physical barrier in the cabinet is provided to separate patch panels - only personnel holding a Positive Vetting security clearance have access to the cabinet - approval from the TOP SECRET system's authorising officer is obtained prior to installation.
Why it matters
If non‑TOP SECRET and TOP SECRET patch panels share a cabinet without a barrier and PV-only access, cross-connection or tampering could expose TOP SECRET traffic.
Operational notes
Install/inspect an internal barrier separating panels, restrict cabinet keys to Positive Vetting staff, and retain TOP SECRET authorising officer approval before changes.
Implementation tips
- Facility manager should ensure physical barriers are installed: For cabinets containing both non-TOP SECRET and TOP SECRET equipment, install a physical barrier inside the cabinet to separate the two. This might involve placing a heavy-duty divider to physically segregate the two sets of cables.
- Security personnel should manage access approvals: Only allow individuals with Positive Vetting security clearance to access these cabinets. Ensure they are listed in your access log system and conduct regular reviews of this list to ensure it is current.
- System owner should obtain prior approvals: Before installing any mixed security level equipment, secure written permission from the authorising officer for the TOP SECRET system. Keep a digital copy of this approval in a secure, organised folder.
- IT team should conduct regular checks: Regularly inspect cabinets to ensure that the barriers are intact and no unauthorised changes have been made. Set reminders in your work calendar to check these at least monthly.
- Organisation’s security officer should conduct briefing sessions: Brief any personnel with PV clearance on their responsibilities when accessing these cabinets. This includes the importance of maintaining the physical barrier and reporting any issues.
Audit / evidence tips
-
Askaccess logs for the cabinet: Request the documented entry logs for the cabinet, showing who accessed it and when
Goodis a log displaying strict access records with documented times and personnel signatures
-
Askthe service report or photographic evidence showing the presence of physical barriers in the cabinet
Goodincludes a recent service report or a timestamped photo showing the installed barrier
-
Askhow often they access the cabinet and what protocols they follow
Goodis one where they can articulate the barrier's purpose and their responsibility in maintaining security
-
Goodis an organised, systematic inspection process with no anomalies detected
-
Askthe written approval for any mixed installation in the cabinet
Goodis a neatly filed document indicating explicit consent from the authorising party
Cross-framework mappings
How ISM-0217 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| layers Partially meets (2) expand_less | ||
| Annex A 5.15 | ISM-0217 requires specific physical segregation and access control when non-TOP SECRET and TOP SECRET patch panels are co-located | |
| Annex A 8.3 | ISM-0217 mandates concrete controls like physical barriers and PV-only access for cabinets containing both non-TOP SECRET and TOP SECRET ... | |
| handshake Supports (1) expand_less | ||
| Annex A 7.1 | ISM-0217 focuses on physical separation within a cabinet and strict access controls for co-located patch panels | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.