Information security annual return


The 2020-2021 Information security annual return is to be completed and returned to by 30 September 2021 (please email us for alternative methods of submitting the annual return).

Changes to the spreadsheet include streamlining the process and simplifying the existing reporting requirements.  The changes made are:

  • simplifying the process to cater for both self, and independently assured ISMS returns and Essential Eight reviews using a single tab for each policy requirement.
  • inclusion of the reference to the newly developed guideline for conducting Essential Eight reviews
  • updated Readme tab with guidance and further information.
DocumentInformation security annual return 2020 - 2021
(XLSX, 82.14 KB)
Document typeTemplate
VersionFinal v1.0.0
Owner/authorCyber Security Unit
Approved date29 June 2021
Last updated30 June 2021
Security classificationOFFICIAL - Public

Supporting templates

Similar to last year, the annual return has links to templates within the spreadsheet to help departments completing the return. A list of supporting templates is shown below, noting Queensland Government agencies can now access these documents directly from the QG ISMS Community of Practice site. Alternatively, they can be requested by sending an email to with “IS18 supporting templates” in the email subject, noting these documents are only available to Queensland Government employees.

  1. ISMS Assurance audit report template
  2. ASD E8 report template
  3. Guideline for conducting Essential Eight reviews
  4. Agency information security attestation statement example
  5. ISMS directive
  6. Simple risk register template
  7. Simple SOA template

Last Reviewed: 22 August 2017