ISM-1103 ASD Information Security Manual (ISM)

Terminate Cables Outside Cabinets in Secure Areas

In top secret areas, cables must end at the cabinet's edge unless in server or communications rooms.

Preventative Non-classified OFFICIAL: Sensitive PROTECTED SECRET TOP SECRET ASD Information Security Manual Guidelines for communications infrastructure Cabling security Secure areas

🏛️ Framework

ASD Information Security Manual (ISM)

🧭 Control effect

Preventative

🔐 Classifications

NC, OS, P, S, TS

🗓️ ISM last updated

Nov 2021

✏️ Control Stack last updated

22 Feb 2026

🎯 E8 maturity levels

N/A

Guideline

Guidelines for communications infrastructure

Section

Cabling infrastructure

Topic

Connecting Cable Reticulation Systems to Cabinets

Official control statement

In TOP SECRET areas, cable reticulation systems leading into cabinets not in server rooms or communications rooms are terminated at the boundary of the cabinet.

Source: ASD Information Security Manual (ISM)

Plain language

In areas where top-secret information is handled, it's crucial that cables are managed carefully. This control means that if the cables aren't within a server or communications room, they should be stopped right at the cabinet's edge to avoid security risks. If this isn't done, sensitive information could be tapped or intercepted by unauthorised parties, which could lead to data breaches and serious consequences for your organisation.

Why it matters

If cables are not terminated at the cabinet boundary in TOP SECRET areas, tapping or rerouting within the reticulation can expose TOP SECRET data and enable unauthorised access.

Operational notes

Inspect TOP SECRET secure areas to confirm reticulation cables are terminated at the cabinet boundary for cabinets outside server/comms rooms, and rectify any cable runs entering cabinets un-terminated.

Implementation tips

IT team should inspect existing installations: Review all the cable installations in areas dealing with top-secret information. Check where the cables are terminated and ensure they stop at the cabinet's boundary if they are outside of server or communications rooms.
Facilities manager should plan with IT staff: Collaborate to design cabling plans that meet this control during renovations or new installations. Ensure that new cables are routed into cabinets only through permitted areas.
Security officer should verify cable routes: Conduct regular checks on the physical pathways of cables leading into cabinets. Use diagrams or walk-throughs to ensure they comply with the control requirements.
IT team should document cabling compliance: Keep a detailed log of where cables are terminated in secure areas. This document should be periodically reviewed and updated to reflect changes or upgrades.
Training coordinator should educate staff: Provide training sessions for staff involved in cable management about the importance of this control and its compliance requirements. Use real-world examples to illustrate potential risks of non-compliance.

Audit / evidence tips

Ask: cabling diagrams and termination logs: Request up-to-date layouts of cable installations in relevant secure areas

Good: shows all cables ending at cabinet boundaries in non-server locations
Ask: to see recent inspection reports: Request records of the most recent physical inspection conducted by security or IT staff

Good: includes identified issues and clear resolution steps
Ask: staff training records: Request documentation of training sessions conducted on this control

Good: shows comprehensive details of training with high participation rates
Ask: to review change management records: Request records of changes made to cable systems in secure areas

Good: contains authorised signatures and clear compliance considerations
Ask: compliance review schedules: Request information on the scheduled and completed compliance reviews

Good: includes regular review dates and prompt corrective actions if needed

Cross-framework mappings

How ISM-1103 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.

These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.

ISO 27001

Control	Notes	Details
Partially meets (2)
Annex A 7.6	ISM-1103 mandates a specific physical security measure for TOP SECRET secure areas: terminating cabling at the cabinet boundary when cabi...
Annex A 7.12	ISM-1103 requires that, in TOP SECRET areas, cable reticulation systems leading into cabinets (outside server/communications rooms) are t...
Supports (1)
Annex A 7.1	Annex A 7.1 requires organisations to define and use physical security perimeters to protect areas containing information and associated ...