Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Our programs


Certification guidance

Jul 1, 2018 - Computer security evaluation is the detailed examination and testing of the security features of an ICT system or product to ensure that they work correctly and effectively and do not show any exploitable vulnerabilities. Process of evaluation There are three stages in the evaluation and certification process:.
IT Security

Submitting ICT security products for evaluation

Jul 1, 2018 - If you are an industry consultant or a product developer and would like your product evaluated, use the following checklist: Step 1 Conduct background research on government agency security needs through the Australian Government Information Security Manual (ISM) and/or the NZ ISM For an AISEP evaluation, refer to the AISEP publications to understand the management and operations of the AISEP. Step 2 Contact Australian…
Digital Evaluation

Recommendation for ACSC evaluation

Jul 1, 2018 - You can submit a letter of recommendation for evaluation up to EAL2 where there isnt yet an ACSC-approved Protection Profile for the relevant technology. Submit your evaluation request using this letter of recommendation for evaluation template. The letter of recommendation for evaluation serves three main purposes: It provides a record and helps with tracking. It helps us communicate with you during the evaluation. It…
Feature image - padlock green background

Protection Profiles

Jul 1, 2018 - A Protection Profile is a document that stipulates the security functionality that must be included in a Common Criteria evaluation. Agencies can have confidence that the scope of an evaluation against an ACSC-approved Protection Profile covers the necessary security functionality expected of the evaluated product and known security threats will have been addressed. The evaluation scope also includes the effectiveness…
Feature - OnSecure

Our online portals

Jul 1, 2018 - We provide information through two online portals to enable access and sharing of information about information security matters. One is available to members of our ACSC partnership program. The second, OnSecure, is for Australian Government ICT and cyber security professionals, IRAP assessors, selected vendors. . What Onsecure provides OnSecure provides: the latest cyber and information…

JCSC locations

Jul 1, 2018 - Joint Cyber Security Centres (JCSC) are rolling out across the country. . Brisbane The first Joint Cyber Security Centre opened in Brisbane on February 24, 2017. Location: Level 12, 340 Adelaide St, Brisbane. , Melbourne The Melbourne JCSC opened on October 11, 2017. Location: Level 32, 600 Bourke Street, Melbourne. , Sydney…
IRAP logo

Information Security Registered Assessors Program (IRAP)

Jul 1, 2018 - The Information Security Registered Assessors Program (IRAP) ensures government agencies can access high-quality information and communications technology (ICT) assessment services. . What the IRAP program does IRAP provides the framework to endorse individuals from the private and public sectors to provide cyber security assessment services to Australian governments. Endorsed IRAP assessors can…
Information security evaluation

High assurance evaluations

Jul 1, 2018 - A high assurance evaluation encompasses rigorous analysis and testing to search for any vulnerabilities in a product or system. . What our high assurance evaluations do Our high assurance evaluations determine whether a product or system is architected, implemented and manufactured in the most robust and secure fashion. We determine the method and strength of testing required for high assurance…
3D line chart

Evaluation Assurance Levels (EAL)

Jul 1, 2018 - The Common Criteria have seven assurance levels: from EAL1, the lowest, to EAL7, the highest. At present, only assurance levels up to EAL2 have been incorporated within the international Common Criteria Recognition Arrangement (CCRA). The seven levels are described below. The CCRA is moving away from EAL-based evaluations in favour of Protection Profile evaluations. Common Criteria Recognition Arrangement (CCRA…