ACSC updates IRAP program
The Australian Cyber Security Centre (ACSC) is enhancing the Information Security Registered Assessor Program (IRAP) to strengthen the cybersecurity assessment framework.
The agency has released an updated IRAP policy and a new IRAP Assessor Training module following an independent review of the program.
The enhanced program has been designed to help develop the capabilities of industry partners, increase the number of cybersecurity assessors and bolster national cybersecurity efforts. It has been developed in consultation with government and industry representatives.
Changes include increases to the standard and consistency of cybersecurity advice provided by IRAP assessors by requiring these assessors to maintain and demonstrate ICT security knowledge.
Other changes include a minimum requirement for IRAP assessors to maintain a Negative Vetting Level 1 Security Clearance, and enhanced governance arrangements in place for assuring IRAP assessors are performing their roles as independent third parties.
The ACSC has also established a revised five-day IRAP training course, which covers both IRAP and Information Security Manual fundamentals.
The new policy will apply to all assessments initiated going forward, and current IRAP assessors will have 24 months to meet new requirements outlined in the policy.
The ACSC is now taking applications for IRAP assessors to take part in the program.
Genetec updates its physical security SaaS platform
Genetec has announced new capabilities for its Security Center SaaS solution including expanded...
ACSC releases advice on implementing SIEM and SOAR platforms
The ACSC says that implementing SIEM or SOAR platforms can greatly benefit organisations by...
Last year was a record year for data breaches: OAIC
The OAIC reports that health service providers and the Australian Government again notified the...
