Sorry, you need to enable JavaScript to visit this website.
Skip to main content

IRAP

Information Security Registered Assessors Program.

IRAP logo

Information Security Registered Assessors Program (IRAP)

Jul 1, 2018 - The Information Security Registered Assessors Program (IRAP) ensures government agencies can access high-quality information and communications technology (ICT) assessment services.

IRAP Tool Kit

Jul 1, 2018 - The Information Security Registered Assessors Program (IRAP) is an Australian Signals Directorate (ASD) initiative to provide high-quality information and communications technology (ICT) security assessment services to government. ASD endorses suitably-qualified ICT professionals to provide relevant security services which aim to secure broader industry and Australian Government information (and associated) systems. IRAP Assessors assist in securing your ICT networks by assessing your security compliance and highlighting the information security risks facing your organisation.

Accreditation

Jul 1, 2018 - Why Achieve Accreditation? Achieving system accreditation will: identify the strengths and weaknesses of your system allow you to focus your resources on the areas most at risk, and highlight your system's security non-compliance and any associated residual risks. Determining the authorities in your system accreditation framework will identify clear lines of accountability. Segregating these authorities will provide you with an impartial framework with which to assess the security of your system.

IRAP Assessors

The Australian Signals Directorate's (ASD) Information Security Registered Assessors Program (IRAP) endorses qualified ICT security professionals to provide information security services.

ASD Certified Services

The Australian Signals Directorate (ASD) has certified gateway services for use by multiple government agencies for many years, and in 2015 commenced certifying cloud services too. Learn more about: ASD-certified cloud services ASD-certified gateway services. Should you wish to procure an ASD-certified service, please discuss the details with one of the listed providers. ASD only certifies selected services, not the entire provider.

Why Engage an IRAP Assessor?

An IRAP Assessor will assist you to navigate through the accreditation framework, by helping you to understand and implement Australian Government security: standards requirements controls, and recommendations. Any Australian organisation can engage an IRAP Assessor, not just Australian government agencies. IRAP Assessors provide assessment services based on:

ASD Certified Gateways

Gateway services that are used by multiple government agencies must be IRAP assessed and certified by the Australian Signals Directorate (ASD), with agencies using the service awarding accreditation. The following providers maintain a PROTECTED gateway environment for government use. This environment has been IRAP assessed and ASD certified.

ASD Certified Cloud Services

ASD has awarded ASD Certification to the listed cloud service providers for specified cloud services. ASD has issued the providers with a, Certification Letter outlining the details of the certification and describing the conditions of holding certification and when re-certification may be triggered and Certification Report which provides customers with an overview of the security aspects which should be considered prior to accreditation.

What is IRAP?

The Information Security Registered Assessors Program (IRAP) is an Australian Signals Directorate (ASD) initiative to provide high-quality information and communications technology (ICT) security assessment services to government. ASD endorses suitably-qualified ICT professionals to provide relevant security services which aim to secure broader industry and Australian Government information (and associated) systems.

Who are IRAP Assessors?

RAP Assessors are ASD-certified ICT professionals from across Australia who have: the necessary experience and qualifications in ICT, security assessment and risk management, and a detailed knowledge of Australian Government information security compliance requirements. Individuals can apply to become IRAP Assessors if they can: