IRAP (ISM / PSPF)
I-RAP Assessments
Assessing agencies and private organisations’ ability to handle government information in compliance with ASD’s requirements.
IRAP ISM Compliance
Many government agencies (State and Federal) and private sector organisations handling Australian Government information are required to comply with the Information Security Manual (ISM). ICT and Cloud Providers (or to-be Providers) to the Australian Government must comply with the ISM.
Organisations willing to comply with the Australian Government Information Security Standard require the services of an Information Security Registered Assessors Program (IRAP) Assessor.
Privasec’s IRAP Assessors hold a Negative Vetting Level 1 clearance.
Organisations willing to comply with the Australian Government Information Security Standard require the services of an Information Security Registered Assessors Program (IRAP) Assessor.
Privasec’s IRAP Assessors hold a Negative Vetting Level 1 clearance.
Good to Know
Organisations that do not fully comply with the ISM may still be able to achieve IRAP certification based on their risk profile, as assessed by the IRAP Assessor, or if accepted by the ASD (or Certifying Authority).
IRAP Assessors
IRAP Assessors undergo a rigorous assessment processes by the IRAP Program and are recognised by the ASD (formerly DSD) as competent to access or develop and implement ICT security systems and relevant security controls for:
- Gateway /Fedlink /Cross Domain Solution (CDS) audits of all classification levels up to and including ‘top secret’ classification.
- Network and System reviews at all classification levels up to ‘top secret’ classification.
- Gatekeeper assessments at all classification levels up to ‘top secret’ classification.
Liaising with ACSC
Over the years, Privasec has established a solid relationship with the ACSC. We commonly liaise with the ACSC on behalf of our clients to:
- Advise ACSC on customers’ certification requirements.
- Discuss assessment report findings, provide details on specific services recommended for certification.
- Discuss the value these services will bring to the Australian Government.
All that we do help make the entire process easier for our customers.