This Supplement is to highlight and share the implementation of code of practice for information and network security management by Malaysian information and communication industry base on ITU-T X.1051. The sets of requirements have been identified and documented in the “Requirements for Information and Network Security (INS)” developed by MTSFB (Malaysian Technical Standards Forum Bhd) and approved by MCMC (Malaysian Communications and Multimedia Commission) on 5th October 2016. The requirements are based on ITU-T X.1051 for establishing, implementing, maintaining and continually improving an information and network security management within the context of an organization. The code of practice for information security controls based on ITU-T X.1051 for Malaysian telecommunication organizations provide four (4) families of control focusing on Organization, Infrastructure, People and Environment.