Quarantine Security-Noncompliant Data for Review
Noncompliant data is quarantined for review before system entry when imported manually.
Plain language
When adding data to your company's systems by hand, it's important to hold back any information that doesn't pass security checks for closer inspection. This matters because if risky data slips through, it could lead to data breaches, affecting your business financially and damaging its reputation.
Framework: ASD Information Security Manual (ISM)
Control effect: Preventative
Classifications: NC, OS, P, S, TS
ISM last updated: Feb 2022
Control Stack last updated: 19 Mar 2026
E8 maturity levels: N/A
Official control statement
When manually importing data to systems, all data that fails security checks is quarantined until reviewed and subsequently approved or not approved for release.
Why it matters
If quarantined import data that fails security checks is not reviewed and approved before release, malware or sensitive data may be introduced, causing unauthorised access and reputational/financial damage.
Operational notes
For manual imports, ensure all items failing security checks are automatically quarantined, logged, and only released after a documented security review and explicit approval or rejection.
Implementation tips
- Office managers should coordinate with the IT team to make sure there's a clear process for handling data that doesn't meet security guidelines. This can be done by reviewing existing procedures and creating a step-by-step checklist for data handling.
- IT staff should use security tools to scan incoming data for potential risks or noncompliance issues. They can set up automated alerts within these tools to highlight any data that fails preset security standards.
- Data administrators should keep a record of all data flagged during imports. They can do this by maintaining a digital logbook that captures details like the date of import, type of data, and reasons for noncompliance.
- Business owners should confirm that there's a team in place to review flagged data regularly. This involves assigning specific team members to this task and scheduling periodic review meetings to discuss findings.
- Compliance officers should work with IT personnel to establish criteria for approving or rejecting quarantined data. They can do this by drafting a policy document outlining acceptable data characteristics and approval processes.
Audit / evidence tips
- Ask: the data import procedures manual. Check if it includes steps to quarantine and review noncompliant data.
  Good: a clear, step-by-step guide tailored to this control.
- Good: shows consistent entries with actions for each flagged piece of data.
- Ask: the minutes from data review meetings.
  Good: includes meeting dates, attendees, and a summary of decisions.
- Good: includes a recent report with both passing and noncompliant datasets flagged appropriately.
- Ask: to see the data approval policy. Look to ensure it outlines criteria for data release after quarantine.
  Good: contains detailed requirements and is signed off by a responsible executive.
Cross-framework mappings
How ISM-1778 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| Supports (1) | | |
| Annex A 8.12 | ISM-1778 requires that when data is manually imported, any data that fails security checks is quarantined until it is reviewed and either... | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.