Glossary:

IRAP - Infosec Registered Assessors Program

IRAP stands for the Infosec Registered Assessors Program.

It is an Australian Signals Directorate (ASD) program that endorses professionals to conduct independent assessments of ICT systems against the Australian Government Information Security Manual (ISM). Assessments provide objective evidence of security strengths, weaknesses, and residual risks.

IRAP is an evidence-based assessment program, not a certification. It helps Australian businesses demonstrate effective security controls when supplying government, critical infrastructure, or high-assurance clients.

Examples include:

  • A cloud provider completing IRAP to win government mining contracts
  • An energy utility assessing OT systems to protect safety-critical operations
  • A vendor preparing control evidence for state government health tenders

The IRAP concept is widely used in Australian mining, energy, utilities, critical infrastructure, and government sectors to assure information security controls within HSEQ and governance frameworks.

See also

ISO
All Glossary Entries

A note from myosh

Related articles

IRAP and the Future of Cyber Assurance in Australia

View all articles

Powerful, data rich safety software for all organisations

All modules can be easily integrated with one another and configured to interact with external software.

Start your free trial