ACSC updates IRAP program
The Australian Cyber Security Centre (ACSC) is enhancing the Information Security Registered Assessor Program (IRAP) to strengthen the cybersecurity assessment framework.
The agency has released an updated IRAP policy and a new IRAP Assessor Training module following an independent review of the program.
The enhanced program has been designed to help develop the capabilities of industry partners, increase the number of cybersecurity assessors and bolster national cybersecurity efforts. It has been developed in consultation with government and industry representatives.
Changes include increases to the standard and consistency of cybersecurity advice provided by IRAP assessors by requiring these assessors to maintain and demonstrate ICT security knowledge.
Other changes include a minimum requirement for IRAP assessors to maintain a Negative Vetting Level 1 Security Clearance, and enhanced governance arrangements in place for assuring IRAP assessors are performing their roles as independent third parties.
The ACSC has also established a revised five-day IRAP training course, which covers both IRAP and Information Security Manual fundamentals.
The new policy will apply to all assessments initiated going forward, and current IRAP assessors will have 24 months to meet new requirements outlined in the policy.
The ACSC is now taking applications for IRAP assessors to take part in the program.
Fujitsu establishes security consulting division
Fujitsu's new digital security consulting division will help organisations prepare for and...
Macquarie Government selected for Australian Defence procurement panel
Macquarie was added to the ICTPA panel following a long history of supporting Australian...
Cobalt Iron nabs EU patents for security techniques
Cobalt Iron has secured patents from the European Patent Office for new cyber event...