Control: ism-0300; Revision: 8; Updated: Mar-22; Applicability: TS; Essential Eight: N/A ​

Patches, updates or vendor mitigations for security vulnerabilities in high assurance ICT equipment are applied only when approved by the ACSC, and in doing so, using methods and timeframes prescribed by the ACSC.