Displaying 1 - 10 of 148 (Page 1 of 15)
The Evaluated Products List (EPL) is the definitive list of certified information and communications technology (ICT) products for use by Australian and New Zealand government agencies in the protection of government information as required by the Information Security Manual.
The updated Australian Government Information Security Manual (ISM) has been released by the Australian Cyber Security Centre (ACSC). The 2018 release supports a move towards a risk-based approach that gives organisations greater flexibility to manage their cyber security based on their own unique circumstances, enabling greater innovation within Government.
Our programsAugust 2018
Australian and New Zealand government agencies can ask us to evaluate an ICT product (hardware or software) for evaluation up to EAL2 where we haven't yet approved a Protection Profile for the relevant technology. To request an evaluation, fill out the following template and email it to us at firstname.lastname@example.org.
Frequently Asked QuestionsFebruary 2019
Yes. All ICT security products implementing cryptography destined for use by Australian Government agencies must use ACSC-approved cryptographic algorithms and ACSC-approved cryptographic protocols. Further information is in the ISM.
CustomLoc provides security on an IBM-PC through a combination of software and hardware. Users must authenticate themselves via a password when first logging onto the machine, and are then presented with a comprehensive menu system, restricting the actions they can perform. All access to a DOS prompt can be removed from users, along with the ability to shell to DOS from applications.
Our programsJuly 2018
If you are an industry consultant or a product developer and would like your product evaluated, use the following checklist:
The Australian Cyber Security Centre (ACSC) has added Google Cloud Platform to the Certified Cloud Services List (CCSL) for unclassified workloads, increasing the options available to Australian Government agencies.
An IRAP Assessor will assist you to navigate through the accreditation framework, by helping you to understand and implement Australian Government security: standards requirements controls, and recommendations. Any Australian organisation can engage an IRAP Assessor, not just Australian government agencies.
The Common Criteria Recognition Arrangement Participants listed below, greatly encouraged by the 'agreement in principle' reached by the CC Management Committee in respect of the updated CCRA, and the associated work of the CC Development Board editing group producing the draft process for the creation of collaborative Protection Profiles, have been considering how best to support the demand fo
The Australian Cyber Security Centre (ACSC) has launched a nationwide program of cyber resilience and response activities for the electricity industry and for government agencies that have an energy and cyber security role.