RecordPoint Completes Full IRAP Assessment — What It Means for You

RecordPoint is pleased to announce we have completed our independent Infosec Registered Assessors Program (IRAP) assessment. RecordPoint’s products and services were assessed to the security classification of PROTECTED

RecordPoint is the only true SaaS player to formally complete a third-party IRAP assessment for records management — and while that is very exciting for us, we’d like to explain what this means for you.

RecordPoint’s commitment to security is paramount to our customers’ success in productivity, efficiency, and security. We are committed to meeting or exceeding regulatory standards while providing comprehensive solutions for managing enterprise content across all industries.

Our IRAP assessment, performed by an independent third-party assessor, provides you with the assurance that we are committed to the ongoing improvement of our security posture and practices that meet the stringent requirements of the Australian Government. For you, this ultimately means that you can trust us with your valuable data, and that your digital information compliance initiatives are built on a platform that is both agile and secure.

What is an IRAP assessment?

Developed by ASD (Australian Signals Directorate), an IRAP assessment is a formal process of reviewing an organisation’s security posture and any services offered by that organisation.

Why is a strong security posture important for information management?

The relentless drive to use cloud services is key to Australian Government’s ICT strategy, which means an exponential growth in the need for cloud-based data management in the Australian Public Sector. This comes with an increased risk profile with the growth in malicious threats from both inside and outside the country, creating a genuine threat to Australia’s security and national interests. In response, the Australian Government’s total spending on IT systems and security will surpass $15.5 billion in 2022.

Beyond security, that data growth also means the increasing need for optimised ease of use within systems for the end-user.  

RecordPoint’s IRAP assessment allows Authorising Officers to determine whether or not RecordPoint’s products and services meet their agency’s security and compliance needs.

Why did RecordPoint undertake the IRAP assessment?  

Our customers often operate within heavily regulated sectors, such as state and federal governments. A barrier to entry for cloud-based services like Records365 is often the ability to ‘prove’ we have a strong security posture. While our security efforts are constant and evolving, IRAP is a formal assessment process that Australian Government agencies can use to ensure their information assets’ ongoing security and integrity.

By completing a formal, independent third-party IRAP assessment, RecordPoint saves public agencies and departments significant time and resources — rather than individually assessing each third-party contractor, any given government entity can simply ask for our IRAP assessment report. This IRAP assessment is recognised throughout the Australian Government, vastly improving efficiencies and significantly reducing the work of the agency’s security team when signing off on the purchase and use of cloud services like Records365.

While completing this assessment was a significant investment for RecordPoint, we believe the benefits for us and our Australian Government customers are well worth it. What’s more, at the time of the delivery of the report, we will be the only formally recognised independent third-party IRAP assessed SaaS Records Management solution.

Having an independent, third-party assessment of our ongoing commitment to security truly sets us apart from our competitors and assures government agencies and departments that they can use our solutions with absolute confidence. We very much look forward to our customers reaping the benefits of this assessment.  

How does our IRAP assessment benefit our customers?

If you work in the Australian Public Sector, the benefits are obvious — RecordPoint’s IRAP assessment provides you with complete peace of mind that your security team can easily review RecordPoint’s security posture, and provide appropriate sign-offs that your system of choice is suitable for your security needs.

For the private sector, our IRAP assessment provides further assurance that we are utterly committed to the continued advancement in the security of our customers’ records and data.

Ultimately, our IRAP assessment doesn’t just claim that we are a secure partner — it proves it. It assures you that our standard operating procedures are secure by design, and therefore you can have confidence that we have security at the heart of everything we do. After all of that focus and energy, we are incredibly pleased that you are the ones to benefit from it.

‍