The Government of Bangladesh Information Security Manual (GOBISM) details processes and controls that are important for the protection of Bangladesh Government unclassified information and systems. This manual is intended for use by Bangladesh Government departments, agencies and organizations. Private sector organizations are also encouraged to use this manual.
This document is based on International Standards ISO/IEC 27001:2013 and ISO/IEC 27002:2013, which we consider to be the best international standards governing information security in organizations, and we expect to see an increasing number of organizations implementing those standards in the near future. In addition, the GOBISM follows the framework and controls established in the New Zealand Information Security Manual (NZISM) (a report on this matter was provided to the Bangladesh Computer Council along with the reports on the Australian ISM, UK ISM and US ISM on 9th of
We believe that by following best international practices in information security management, merging two outstanding documents (ISO/IEC 270xx standards and New Zealand Information Security Manual) and adapting them for the needs of the Government of Bangladesh, we are able to provide the Bangladesh Computer Council with:
- A solid, flexible and implementable information security manual that covers every important aspect of information security that needs to be implemented by government agencies in order to ensure the protection of their systems and information
- A set of information security principles and measures that could be translated into Government legal acts, policies and standards pertaining to Bangladesh information security
- A solid framework and set of controls for accreditation and certification of government systems
- A flexible approach to risk management based on government agencies' needs and priorities
- A smooth option to expand the GOBISM and make it applicable to classified information, if required