The Information Security Registered Assessors Program (IRAP) provides independent assessment of Australian Government systems against the Information Security Manual. HackLabs delivers rigorous IRAP assessments by ASD-endorsed assessors.
Talk to an ExpertIRAP assessments are required for cloud services and systems handling Australian Government information. HackLabs' IRAP-endorsed assessors provide independent, objective assessment of your system's security posture against the Australian Government Information Security Manual (ISM). We support assessments for Unclassified, Protected, and higher classification environments.
Systematic assessment of applicable ISM controls against your system's implementation, producing evidence-based findings and ratings for each control.
Review and development support for SSP documentation that accurately represents your system's security architecture and control implementation.
Assessment of cloud service providers seeking inclusion on the Certified Cloud Services List (CCSL) or supporting government agencies in their cloud adoption.
Technical review of network architecture, segmentation, and security controls against ISM requirements for the target classification level.
Assessment of identity and access management against ISM requirements including privileged access, MFA, and account lifecycle management.
Development of continuous monitoring plans to maintain IRAP assessment validity and demonstrate ongoing security posture to your authorising officer.
We define engagement objectives, boundaries, and rules of engagement. Clear scope means focused work and accurate results.
Senior consultants conduct the engagement using proven methodologies tailored to your environment and threat model.
Detailed findings with risk ratings, evidence, and clear remediation guidance for both technical and executive audiences.
We stay engaged beyond the report. Our team answers remediation questions and offers re-testing on critical findings.
Our assessors are endorsed by the Australian Signals Directorate to conduct IRAP assessments.
HackLabs is an ASD-authorised organisation with experience across government security frameworks and classification levels.
Decades of experience working with Australian government agencies and the security frameworks that govern them.
CREST certification underpins our technical assessment quality across all cyber security disciplines.
ASD Essential Eight maturity assessment — a prerequisite for many IRAP assessments.
International information security management system standard for organisations needing global certification.
Comprehensive governance, risk, and compliance advisory services.
Talk to a HackLabs IRAP specialist. We work with government agencies and cloud providers across Australia.
Talk to an Expert