ACSC updates IRAP program
The Australian Cyber Security Centre (ACSC) is enhancing the Information Security Registered Assessor Program (IRAP) to strengthen the cybersecurity assessment framework.
The agency has released an updated IRAP policy and a new IRAP Assessor Training module following an independent review of the program.
The enhanced program has been designed to help develop the capabilities of industry partners, increase the number of cybersecurity assessors and bolster national cybersecurity efforts. It has been developed in consultation with government and industry representatives.
Changes include increases to the standard and consistency of cybersecurity advice provided by IRAP assessors by requiring these assessors to maintain and demonstrate ICT security knowledge.
Other changes include a minimum requirement for IRAP assessors to maintain a Negative Vetting Level 1 Security Clearance, and enhanced governance arrangements in place for assuring IRAP assessors are performing their roles as independent third parties.
The ACSC has also established a revised five-day IRAP training course, which covers both IRAP and Information Security Manual fundamentals.
The new policy will apply to all assessments initiated going forward, and current IRAP assessors will have 24 months to meet new requirements outlined in the policy.
The ACSC is now taking applications for IRAP assessors to take part in the program.
Adobe Acrobat Sign completes IRAP assessment
Adobe says its Acrobat Sign is a cloud-based solution that enables end-to-end digital experiences...
Australia under attack as higher cyber threat activity observed: report
Armis warns that AI is supercharging the cyberwarfare threat amid heightened geopolitical tensions.
Dynatrace secures IRAP certification for Azure-based platform
Dynatrace has received IRAP certification for its Dynatrace SaaS on Microsoft Azure...
