Cyber security assessment services to Australian governments
TechnologyOne sought this as a response to feedback from our Australian federal government customers, who indicated that this is an important part of their risk assessment process when considering cloud services.
TechnologyOne initially completed our first IRAP audit and was recommended for certification in 2017. The level of certification we were recommended for was: Unclassified DLM up to and including Sensitive. In 2019, TechnologyOne has undergone an independent reassesment audit, performed by an accredited IRAP auditor for the ‘SaaS Platform for Australian Federal Government’ solution. We have completed the Statement of Applicability (SOA), Stage 1 audit and Stage 2 audit against the 2019 Australian Government Information Security Manual (ISM). The independent assessor has recommended that TechnologyOne formally proceed with certification of the system for information classified up to ‘Official’.
The 2019 IRAP Letter of Compliance for information classified up to ‘Official’ is available to TechnologyOne federal government customers by emailing the TechnologyOne SaaS Compliance Team: email@example.com