Skip to main content

Who are IRAP Assessors?

RAP Assessors are ASD-certified ICT professionals from across Australia who have:

  • the necessary experience and qualifications in ICT, security assessment and risk management, and
  • a detailed knowledge of Australian Government information security compliance requirements.

Individuals can apply to become IRAP Assessors if they can:

  • attain a minimum Baseline security clearance
  • demonstrate a minimum of five years of technical ICT experience with at least two years of information security experience on systems using the Australian Government Information Security Manual (ISM) and supporting publications
  • provide two current and relevant professional referees who can attest to the applicant's character, competence and ICT experience
  • provide two external customers who can directly attest to the applican't technical ICT understanding, knowledge of the ISM and security assessment experience, and
  • show evidence of relevant ICT and auditing qualifications, one from Category A and one from Category B.

Category A

Category B

When ASD has confirmed that the above requirements have been met, the individual can:

If the candidate successfully passes the examination they are added to the list of registered IRAP Assessors.

In accordance with the IRAP Policy and Procedures, IRAP Assessors maintain their skills by:

  • maintaining IRAP prerequisite qualifications in ICT and auditing disciplines
  • completing annual online Australian Government Information Security Manual (ISM) refresher training
  • attending ASD-endorsed workshops, forums and conferences, and
  • participating in information-sharing activities across the IRAP and information security communities.

IRAP Assessors make a valuable contribution to Australia's national security objectives by assisting government agencies to improve their security posture by providing ICT security advice and assessment services.