Information Security Registered Assessors Program

Who are IRAP Assessors?

IRAP Assessors are ASD certified ICT professionals from across Australia who have:

  • the necessary experience and qualifications in ICT, auditing and risk management, and
  • a detailed knowledge of Australian Government information security compliance requirements.

Individuals can apply to become IRAP Assessors if they can:

  • attain a minimum Baseline security clearance
  • demonstrate a minimum of five years ICT experience with two years of information security experience
  • provide two referees to attest to the applicant's ICT and auditing experience, and
  • show evidence of relevant ICT and auditing qualifications, one from Category A and one from Category B.

When ASD has confirmed that the above requirements have been met, the individual can:

If the candidate successfully passes the examination they are added to the list of registered IRAP Assessors.

In accordance with the IRAP Policy and Procedures, IRAP Assessors maintain their skills by:

  • maintaining IRAP prerequisite qualifications in ICT and auditing disciplines
  • completing annual online Australian Government Information Security Manual (ISM) refresher training
  • attending ASD-endorsed workshops, forums and conferences, and
  • participating in information-sharing activities across the IRAP and information security communities.

IRAP Assessors make a valuable contribution to Australia's national security objectives by assisting government agencies to improve their security posture by providing ICT security advice and assessment services.