ISM-0635 ASD Information Security Manual (ISM)

Ensure Network Paths are Isolated in CDSs

Systems manage separate and secure network paths for upward and downward data movements to prevent security breaches.

Plain language

This control is about keeping certain types of data moving in one direction only on a network, so that it does not mix with other data. By doing this, organisations protect themselves from unwanted data leaks or security breaches that could lead to sensitive information falling into the wrong hands.

Framework

ASD Information Security Manual (ISM)

Control effect

Preventative

Classifications

S, TS

ISM last updated

Feb 2022

Control Stack last updated

19 Mar 2026

E8 maturity levels

N/A

Official control statement

CDSs implement isolated upward and downward network paths.

Why it matters

Failing to isolate upward and downward CDS network paths can enable data to traverse between domains, causing cross-contamination, data leakage and unauthorised access.

Operational notes

Regularly validate that the CDS architecture keeps upward and downward paths physically or logically separated, and test permitted flows to confirm there is no unintended bridging or reverse transfer.

Implementation tips

  • The IT team should work on creating separate network pathways for data moving up (into secure areas) and data moving down (out to less secure areas). This can be done by setting up separate cables or virtual paths within the network systems.
  • The network administrator should regularly test these pathways to ensure they are not mixing or allowing data to flow in unintended directions. They can do this by running simulations and checking the flow of data packets.
  • The system manager should collaborate with security advisors to assess which data needs strict direction controls. They should map out each type of data and ensure it uses the correct network path.
  • IT support should train staff on the importance of not using unofficial paths for data transfers. This can be done through regular information sessions and reminders about data security policies.
  • Management should review the existing network configurations quarterly to verify that they are up to date with all changes in data flow needs. They can do this by checking the latest network maps and configurations against current requirements.

Audit / evidence tips

  • Ask: The network configuration documents. Request the latest network setups showing the separate paths for upward and downward data. Good: A clear diagram showing two distinct paths with labels indicating the direction of data flow.
  • Ask: Testing reports of the data pathways. Request documentation of recent tests or audits conducted on data paths. Good: A report with successful test results and any actions taken to fix issues.
  • Ask: Policies related to data flow control. Request the policy documents that outline how data flow is managed. Good: A current document signed off by management and accessible to all staff.
  • Ask: Staff training records on data pathway usage. Request records of training sessions held regarding proper data transfer practices. Look into the attendee lists and feedback to verify comprehension and compliance. Good: Multiple sessions over time with a large majority of relevant staff attending.
  • Ask: A risk assessment report. Request the document that evaluates the risks of data not following the correct paths. Good: A thorough report updated regularly to reflect any changes in the system or risks.

Cross-framework mappings

How ISM-0635 relates to controls across ISO/IEC 27001, ISO/IEC 42001, Essential Eight, and ASD ISM.

ISO 27001

Partially meets (1)

Control: Annex A 8.22
Notes: ISM-0635 requires CDSs to implement isolated upward and downward network paths to separate data flows by direction and reduce the risk of...

These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.
