ACSC updates IRAP program
The Australian Cyber Security Centre (ACSC) is enhancing the Information Security Registered Assessor Program (IRAP) to strengthen the cybersecurity assessment framework.
The agency has released an updated IRAP policy and a new IRAP Assessor Training module following an independent review of the program.
The enhanced program has been designed to help develop the capabilities of industry partners, increase the number of cybersecurity assessors and bolster national cybersecurity efforts. It has been developed in consultation with government and industry representatives.
Changes include increases to the standard and consistency of cybersecurity advice provided by IRAP assessors by requiring these assessors to maintain and demonstrate ICT security knowledge.
Other changes include a minimum requirement for IRAP assessors to maintain a Negative Vetting Level 1 Security Clearance, and enhanced governance arrangements in place for assuring IRAP assessors are performing their roles as independent third parties.
The ACSC has also established a revised five-day IRAP training course, which covers both IRAP and Information Security Manual fundamentals.
The new policy will apply to all assessments initiated going forward, and current IRAP assessors will have 24 months to meet new requirements outlined in the policy.
The ACSC is now taking applications for IRAP assessors to take part in the program.
Datadog completes IRAP assessment
US-based observability and security company Datadog has secured an IRAP assessment at the...
ASD offering two-way threat intelligence service
The Australian Signals Directorate is reminding agencies and business of the availability of its...
ACSC says to stay ahead of the quantum threat
The Australian Cyber Security Centre says that organisations need to be taking steps now to...
