Request a Demo

Fill in the form below and we will contact you shortly to organised your personalised demonstration of the Noggin platform.

The Noggin Platform

The world's leading integrated resilience workspace for risk and business continuity management, operational resilience, incident & crisis management, and security & safety operations.

Learn More
Resilience Management Buyers Guide - Thumbnail
A Resilience Management Software Buyer's Guide
Access the Guide

Who We Are

The world’s leading platform for integrated safety & security management.

Learn More

IRAP Information Security Guide

Best Practice Guide

IRAP and information security

Housed within Australia’s Department of the Defence, the Australian Signals Directorate is responsible for guarding the federal government’s information and systems. In this age of digital transformation, the two, information and systems, must be treated cohesively and coherently. After all, vast quantities of the sensitive government information and classified intelligence gets stored in online systems.

To enhance information security in the midst of wider digital changes, the government employs measures like the ISM, the Australian Government Information Security Manual, which is put out by the Australian Signals Directorate. The ISM is “designed to assist Australian government agencies in applying a risk-based approach to protecting their information and systems… and includes a set of information security controls that, when implemented, will help agencies meet their compliance requirements for mitigating security risks to their information and systems".

Essentially, the ISM lays out the required technical measures that organizations have to take in order to handle information at various levels of secrecy. Service providers looking to handle sensitive government information must therefore comply with the security dictates spelled out in the ISM. Which brings us to the Information Security Registered Assessors Program, better known as IRAP.

It is IRAP that provides the framework for assessing thirdparty IT system providers who seek to process, store, and/ or transmit government data up to the protected level of classification, the compromising of information held at this level of classification causes damage to the national Interest, organizations, or individuals.

So, what, then, does the Assessors program actually do? Well, IRAP provides customers of the Australian government the validation (of their information security controls) they need to handle sensitive government information.

Download the guide to continue reading >>

Download the Free Guide