AvePoint assessed against Official IRAP Controls

The AvePoint Online Services cloud platform, and its Cloud Backup, Cloud Governance, and Cloud Records solutions were assessed against the Information Security Registered Assessors Program (IRAP) official controls on April 4, 2021 in Australia. 

AvePoint, in partnership with The Australian Transport Safety Bureau (ATSB) initiated the IRAP assessment process to help modernise and further automate the ATSB's record management. As a result of the sophisticated, five-step authorisation, the ATSB will now be able to utilize AvePoint Cloud Records to automatically identify, capture and manage records in Microsoft 365 in alignment with the Australian Government record keeping requirements.

Through the Australian Cyber Security Centre (ACSC), the Australian Signals Directorate (ASD) initiated the IRAP to ensure the standard of cybersecurity and information security assessments for ICT systems processing or storing government information.

After the ASD removed the Cloud Services Certification Program last year, all cloud providers were encouraged, but not required, to undergo IRAP assessment. As initiated by cloud vendors, assessments are performed by IRAP certified assessors, all of whom have a detailed knowledge of information security and compliance requirements as mandated by the Australian Government.

"At the ATSB, we have a strong focus on collaboration and record-keeping and were looking at innovative ways to ensure our data would be secure and accessible, in alignment with our cloud strategy," said Angelo Santosuosso, Record Manager at the ATSB.

"Leveraging our previous relationship with AvePoint, we were confident their cloud records suite would enable us to achieve our objectives."

More than 130 government entities in Australia use AvePoint to migrate, manage and enhance protection of their Microsoft 365 and SharePoint data. Additionally, the validation AvePoint received from IRAP reflects a significant market opportunity, as collaboration security remains a top priority for government entities in the region.

"Our public sector customers all face unique security challenges, and industry specific regulations" said Alexander Dick, Manager of Federal Public Sector, AvePoint Australia.

"Our hope is that in achieving the IRAP certification, we can assure government entities and beyond of our adherence to security through rigorous and continual assessments like this one."

"AvePoint is clearly committed to information security, and addresses risk and compliance in a sophisticated and comprehensive way, which resulted in an impressive level of ISM control adherence," said Sah Vasilevski, Principal Consultant at Security Centric and IRAP Assessor.

"The responsiveness of globally dispersed teams during AvePoint's IRAP journey speaks volumes of their organizational agility."

To receive a copy of the IRAP assessment, visit https://www.avepoint.com/lp/irap-assessment.

For more information on AvePoint Public Sector and its solutions, visit https://www.avepoint.com/solutions/us-public-sector.