Detect Unauthorised RF Devices in Secure Areas
Use security measures to find and handle unauthorised RF devices in secure zones.
Plain language
This control is about making sure no one sneaks devices that send or receive radio signals into secure areas, like places where top-secret information is kept. These unauthorised gadgets, if undetected, could be used to listen in on conversations or steal sensitive data, putting your organisation at serious risk.
Framework
ASD Information Security Manual (ISM)
Control effect
Detective
Classifications
S, TS
ISM last updated
Feb 2019
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Guideline
Guidelines for physical security
Section
Facilities and systems
Official control statement
Security measures are used to detect and respond to unauthorised RF devices in SECRET and TOP SECRET areas.
Why it matters
If unauthorised RF devices are not detected in SECRET/TOP SECRET areas, they can capture or transmit sensitive communications, causing serious data compromise.
Operational notes
Use approved RF detection tools and perform scheduled and random sweeps in SECRET/TOP SECRET areas; tune baselines and investigate alerts promptly.
Implementation tips
- Security team: Plan regular sweeps of secure areas for any unknown radio frequency devices. Use handheld RF detectors to check for unexpected signals and cover all corners of the area for thoroughness.
- Office manager: Brief all staff on the policy regarding RF devices in secure areas. Hold a short session to explain why these rules matter and ensure everyone signs a form acknowledging their understanding.
- IT team: Implement technology that can pick up and alert you to new or suspicious RF devices entering the area. Set up alerts so your staff receives a notification if something unusual is detected.
- Facilities team: Control the access points by ensuring doors to secure areas have electronic locks that can log entries. Only allow access to those with a legitimate need and maintain an updated list of these individuals.
- Procurement officer: Work with suppliers to ensure any equipment brought into secure areas is vetted and approved. Create a checklist that confirms all devices meet security standards before they are allowed inside.
Audit / evidence tips
- Ask: the RF detection plan. Request the document or workflow detailing how often rooms are checked for RF devices.
  Good: a schedule with regular intervals and responsible persons indicated.
- Ask: to see training records. Request a log or record of staff training sessions on RF device policy.
  Good: signed attendance sheets showing participation and understanding.
- Ask: about detection technology. Request evidence of any technological tools used to detect RF devices.
  Good: documentation of devices in use and logs of detected signals.
- Ask: access logs. Request logs showing who entered the secure areas and when.
  Good: logs with no unauthorised entries and consistent with staff authorisations.
- Ask: equipment vetting records. Request the checklist or logs used when vetting equipment brought into secure areas.
  Good: detailed logs showing each item vetted and approved before entry.
Cross-framework mappings
How ISM-0829 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| Partially meets (1) | | |
| Annex A 7.6 | ISM-0829 requires security measures to detect and respond to unauthorised RF devices in SECRET and TOP SECRET areas | |
| Supports (1) | | |
| Annex A 7.1 | ISM-0829 requires security measures to detect and respond to unauthorised RF devices in SECRET and TOP SECRET areas | |
| Related (1) | | |
| Annex A 7.5 | Annex A 7.5 requires protections against intentional physical threats to infrastructure | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.