Infosec Registered Assessors Program (IRAP)

Infosec Registered Assessors Program (IRAP)

The Infosec Registered Assessors Program (IRAP) is a cybersecurity initiative led by the Australian government. This program endorses highly qualified individuals from both the private and public sectors to conduct comprehensive security assessments for Australian government entities. IRAP assessors are certified by the Australian Signals Directorate (ASD) and possess extensive experience and qualifications in Information and Communications Technology (ICT), security assessment, and risk management.

Contact Us
Industries

IRAP Assessment

The IRAP program is designed to provide top-tier security assessment services, ensuring that organisations can meet stringent government standards. By accessing these services, entities can strengthen their security measures and safeguarding sensitive information from evolving cyber threats. The program aims to ensure that service providers align with the high security standards required by the Australian government, thereby protecting the integrity of national data and services.

Risk Associates IRAP Services

Independent IRAP Assessments

We conduct thorough and independent assessments up to the SECRET classification, as defined in the PSPF. These assessments ensure that organisations meet all necessary security requirements.

Guidance on ACSC Updates

Our assessors keep you informed about the latest updates and guidance from the Australian Cyber Security Centre (ACSC), ensuring you stay ahead of emerging threats and regulatory changes.

Risk Posture Advisory

Our expert assessors can help you understand and implement the security controls necessary for your organisation. They offer tips and recommendations on industry best practices to secure your data and systems.

Comprehensive Assessment Guide

Our assessors will ensure that the required physical certification is attained by verifying that assessed security controls are relevant, properly implemented and operating effectively.

Preparing for an IRAP Assessment

Our ASD Certified Assessors support organisations through every step of the IRAP assessment process. Our methodology includes:

Compliance Framework Setup

We establish a compliance framework tailored to your organisation’s specific needs, ensuring a structured and effective approach to security.

Knowledge Transfer and Workshops

We host workshops and knowledge transfer sessions with key stakeholders, ensuring that your team is well-equipped to maintain and improve your security measures.

Risk Assessment and Control Implementation

We conduct thorough risk assessments and guide the implementation of necessary controls to mitigate identified risks.

Scope Definition

Our team clearly defines the scope of work, providing unbiased and independent outcomes that accurately reflect your security posture.

IRAP Assessment Process

An IRAP assessment is a meticulous and independent evaluation of the implementation, appropriateness, and effectiveness of a system’s security controls. This assessment is conducted against the Australian government’s security requirements as outlined in the ISM, PSPF, and any other security requirements established by the Australian government. Once RA's IRAP assessor is engaged, the assessment process evolves as follows:
1

Understanding the System

The IRAP Assessor begins by thoroughly understanding the organisation's system and assessing associated risks.
2

Reviewing Existing Controls

The assessor meticulously reviews and evaluates existing controls in place, followed by implementation status.
3

Identifying Weaknesses

Through comprehensive analysis, the assessor identifies any weaknesses in the security posture and suggests effective mitigation strategies.
4

Assessment Report​

A detailed assessment report is drafted, documenting that what system has been tested against which cybersecurity requirement and whether or not system meeting those requirements.

Why Choose Risk Associates?

Our assessors meet and have fulfilled ASD's stringent requirements to become certified IRAP assessors, including but not limited to:
Being
Australian
Independent & Objective Assessments
Compliance & Security Assurance
Comprehensive
Reporting

Get in Touch with Us

Have a question or want to learn more about what we do? We're here to help you.
Contact Us
Subscribe
Risk Associates Logo White
Together Towards Secure Digital Frontier
Quick Links
Home
About Us
Partners
RA-Academy
Careers
Contact Us
Services

Compliances

PCI Compliance

ISO/IEC Services

MSSP

Data Protection

Security Tesing

Cybersecurity Solutions

Get In Touch
Copyright © 2025. All Rights Reserved by Risk Associates.

Stay Updated With Us

Almost there!
Just fill in your details to join our newsletter and get curated insights, regulatory updates, and cybersecurity compliance best practices.

MSSP

LAUNCH

Managed Security
Service Provider

What if the breach already happened?

Advanced simulations and forensic insights to expose hidden threats and test real-world resilience.

View Brochure Discover
×
MSSP
})