Skip to content

yadavgcybernet/cybersecurity-study-notes

Repository files navigation

Cybersecurity Study Notes

Personal study notes compiled by Yadav Ghorasainee — IS Auditor and Cybersecurity professional based in Perth, WA, Australia.

Covers Australian government cybersecurity frameworks, privacy law, and international data protection standards relevant to GRC, IS audit, and compliance roles in Australia.


Contents

Topic Description
Australian Information Security Manual (ISM) ASD/ACSC ISM controls, principles, and implementation guidance
ACSC Essential Eight Mitigation strategies, maturity levels, and implementation notes
Australian Privacy Principles (APPs) Privacy Act 1988 — all 13 APPs with notes and examples
GDPR EU General Data Protection Regulation — key articles and compliance notes
ISO27001:2022 Information Security Management Systems — key clauses, Annex A, SOA and risk management notes
NIST_CSF_2.0 Cybersecurity Study notes - Govern, Identify, Protect, Detect, Respond and Recover

Note: Files are being progressively detailed. Last updated April 2026.


Who this is for

  • Cybersecurity and GRC professionals preparing for audits or compliance assessments
  • Students studying for certifications such as CISA, (ISC)² CC, or ISO 27001 Lead Auditor
  • IT professionals transitioning into governance, risk, and compliance roles
  • Anyone preparing for work with Australian government or regulated-industry clients

Framework comparison quick-reference

Aspect ISM / Essential Eight ISO 27001:2022 NIST CSF 2.0 GDPR / APPs
Scope Australian govt & critical infra Any organisation globally Any organisation globally Personal data processing
Mandate Mandatory for APS; recommended for others Voluntary (certification available) Voluntary Legally binding (EU/AU)
Focus Technical controls & maturity ISMS management system Risk-based cyber resilience Privacy rights & obligations
Audit body ACSC / ASD Accredited certification body Self-assessed or third-party OAIC (AU) / regulators (EU)

Usage

These are personal study notes — not official documentation. Always refer to the primary source documents from ACSC, NIST, ISO, and the OAIC for authoritative guidance.

Primary sources:


About the Author

Yadav Ghorasainee — MSc IT & Applied Security | ISO 27001 Internal Auditor
(ISC)² CC Passed · Fortinet NSE · Perth, WA · Full Australian Working Rights

📧 yadavg.cybernet@gmail.com
💼 linkedin.com/in/yadav-ghorasainee
🌐 Portfolio

License

CC BY 4.0

These notes are shared under the Creative Commons Attribution 4.0 licence. You are free to share and adapt with attribution.

About

Study notes on Australian Information Security Manual (ISM), Essential Eight, Australian Privacy Principles (APPs), NIST CSF 2.0, ISO 27001:2022 and GDPR — for cybersecurity and GRC professionals.

Topics

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors