If you're an Australian business and confused about which cybersecurity frameworks you should be complying with, you're not alone. This is likely to change in the near future.
At the time of writing this, adopting the CIS controls framework is not a mandatory requirement for Australian businesses.
ISO?IEC 38500 empowers multiple parties to take ownership of a company's security posture including: This framework is supported by six principles: For more information, refer to the official ISO/IEC 38500 2015 standard document. ISO 38500 is an international standard for IT security, so Australian businesses are expected to be compliant with this framework.