Information Security Registered Assessors Program (IRAP)


The Information Security Registered Assessors Program (IRAP) enables Australian Government customers to validate that appropriate controls are in place and determine the appropriate responsibility model for addressing the requirements of the Australian Government Information Security Manual (ISM) produced by the Australian Cyber Security Centre (ACSC).

Protecting Australian Government data from access, unauthorized and disclosure remains a prime consideration when procuring and leveraging cloud services. AWS recognises that customers rely upon the secure delivery of the AWS infrastructure and the importance of having features that enable them to create secure environments. AWS enables customers to meet these objectives by prioritising security in the delivery of its services, through the establishment of a robust control environment, and by making available for use a wide range of security services and features.

The in scope AWS Cloud services that have been IRAP assessed can be found on AWS Services in Scope by Compliance Program. An independent IRAP assessor examined the AWS controls including people, processes, and technology against the requirements of the ISM. If you would like to learn more about using these services and/or have an interest in other services please contact us.

Have Questions? Connect with an AWS Business Representative
Exploring compliance roles?
Apply today »
Want AWS Compliance updates?
Follow us on Twitter »