Ensure Separation Between Top Secret and Other Cabinets
Ensure there's a visible gap between top secret and other cabinets for security reasons.
Plain language
This control is about keeping top-secret information separate from other confidential information by physically separating their storage cabinets. This matters because if all your sensitive papers are stored together, there's a higher risk of someone accessing information they shouldn't, which could lead to leaks or misuse of critically sensitive data.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
TS
ISM last updated
Feb 2023
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Section
Cabling infrastructureOfficial control statement
A visible gap exists between TOP SECRET cabinets and non-TOP SECRET cabinets.
Why it matters
If TOP SECRET and non‑TOP SECRET cabinets are not visibly separated, staff may misfile items, causing improper storage, spillage and potential compromise of TOP SECRET holdings.
Operational notes
Maintain a clearly visible gap between TOP SECRET and other cabinets; label TOP SECRET storage prominently and confirm the gap remains during routine physical security checks.
Implementation tips
- Facility manager should identify the physical locations of top-secret and other cabinets. Use a tape measure to ensure there's a noticeable gap of at least one metre between them to make sure they are distinctly separate.
- Office manager should label the cabinets appropriately. Clearly mark the top-secret cabinets as such to reduce confusion about which cabinets contain which level of information.
- Security personnel should ensure the physical layout supports separation. Conduct a walkthrough to confirm that the gap is present at any time, and consider adding physical barriers if needed.
- IT manager should document the layout and any changes in a secure record. Keep a floor plan that shows the position and separation of each cabinet stored in a secure digital file and update it whenever changes happen.
- Staff responsible for the documents within the cabinets should undergo training. Understanding why this separation is important can reinforce the importance of maintaining these physical barriers.
Audit / evidence tips
- AskThe facility layout plan showing cabinet locations: Request a copy of the site's current floor plan GoodWill show a minimum one metre gap clearly marked on the plan
- AskPhotographs or videos of the cabinet setup: Request recent media that depicts the cabinets' actual locations GoodWill show that the cabinets are not only separated, but that the separation is easily visible
- AskTo see the training records of responsible staff: Request documentation of training sessions describing the separation requirement GoodIncludes regular training that discusses physical security requirements
- AskAbout incident reporting for breaches or concerns: Request logs or records of any issues reported regarding cabinet separation GoodWill list resolved issues and any preventive actions taken
- AskThe security policy document covering cabinet setup: Request the part of the security policy that outlines cabinet separation GoodIncludes clear guidance for maintaining these processes
Cross-framework mappings
How ISM-1116 relates to controls across ISO/IEC 27001, ISO/IEC 42001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| layers Partially meets (2) expand_less | ||
| Annex A 7.3 | ISM-1116 requires a visible gap between TOP SECRET and non-TOP SECRET cabinets as a physical security and handling safeguard for classifi... | |
| Annex A 7.8 | ISM-1116 requires organisations to maintain a visible physical gap between TOP SECRET cabinets and non-TOP SECRET cabinets to reduce the ... | |
| link Related (1) expand_less | ||
| Annex A 7.5 | Annex A 7.5 requires organisations to design and implement measures that protect physical infrastructure from threats, including preventi... | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.