Notify Parties of Blocked Emails
Notify people if their sent or received emails are blocked due to marking issues.
Plain language
This control means that if an email you send or receive is blocked because of issues like wrong or missing labels, you're supposed to be informed. It's important because without this notification, you might miss important communication or leave a problem unresolved. This could mean lost opportunities or miscommunications that affect both personal and business outcomes.
Framework
ASD Information Security Manual (ISM)
Control effect
Responsive
Classifications
NC, OS, P, S, TS
ISM last updated
Feb 2022
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Guideline
Guidelines for emailSection
Email usageOfficial control statement
The intended recipients of blocked inbound emails, and the senders of blocked outbound emails, are notified.
Why it matters
Without notification of blocked inbound/outbound emails, important communications can be missed, delaying decisions and business processes.
Operational notes
Test block notices for inbound/outbound mail regularly, ensure they include sender/recipient context, and provide a help path for false positives.
Implementation tips
- IT Team should develop a process to monitor blocked emails: Set up an email system feature that flags emails when they are blocked. Use straightforward email filters to catch these incidents and send alerts to relevant parties.
- Office Manager should ensure all staff are aware: Hold a short, informal meeting to explain how staff will be informed if their emails are blocked. Use examples to show how emails are blocked and what they can do to fix the issue.
- System Administrator should configure email notification settings: Go into the email system settings and enable features that send automatic notifications to users when an email they send or receive is blocked. Make sure to test this setting by sending a test email and checking if the notification works.
- HR Department should update email policy documents: Add a section to your company's email policy detailing what happens when emails are blocked and how notifications are handled. Share the updated document with all employees via email.
- Office IT Support should provide support channels: Create an easy way for users to report or ask questions if they get a notification about a blocked email. This could be a shared email address or a helpdesk phone number that staff can use to quickly get help.
Audit / evidence tips
-
Askthe logs of blocked emails: Request logs that detail any emails blocked by the system within a specific timeframe
Goodlog will show comprehensive details for each blocked email, including key information like recipient, sender, and the date of the notification sent to the user
-
Askuser notification records: Request proof that notifications were sent to staff when emails they sent or received were blocked
Goodrecord will include the notification sent, the recipient’s response, and any follow-up actions taken
-
Askto demonstrate the notification system: Request a walkthrough showing how the system sends notifications for blocked emails
Gooddemonstration will show clear steps from detecting a blocked email through to sending out notifications
-
Asktraining materials shared with staff: Request a copy of any training slides or documents shared with employees about email handling and blocked notifications
Goodset of materials will be comprehensive, clear, and user-friendly
-
Askupdates made to email policies: Request the latest version of the email usage policy showing procedures for handling blocked emails
Goodpolicy will clearly define what has changed and how employees are informed
Cross-framework mappings
How ISM-1023 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
No cross-framework mappings recorded yet.