Information security
INF052
Why information security matters
Every organisation relies on the confidentiality, integrity, and availability of the information it processes, stores, and communicates. Robust information security is a business enabler.
Mandatory requirements
The core information security requirements that mandated government agencies must follow and other organisations should consider as best practice.
Management protocol for information security
Protect your organisation’s information with robust security practices.
Take a risk-based approach to information security
In response to these threats, using a risk-based approach that applies sound risk management will best allow you to tailor an information security framework to your organisation’s operating context and the threats it may face. Not all information should be treated equally.
Creating a security culture
Everyone in your organisation needs to be part of your security culture, otherwise your security processes and tools won’t be effective.
Adopt a framework to manage information security
Your organisation should establish a framework to direct and coordinate the management of your information security.
Security classification system and handling requirements
Guidance on protecting official information from unauthorised access and accidental disclosure
Understand the information security lifecycle
The information security lifecycle describes the process to follow to mitigate risks to your information assets.
New Zealand Information Security Manual (NZISM)
The New Zealand Information Security Manual (NZISM) is the New Zealand Government’s manual on information assurance and information systems security.
Managing specific scenarios
Guidance on a range of scenarios that each have specific security requirements.
