Skip to content

ASD ISM & IRAP assessments and certification

Streamline IRAP Compliance with 6clicks GRC Platform for the Australian Government.


ISM & IRAP Assessment solution overview




The Information Security Registered Assessors Program (IRAP) is a cybersecurity assessment program that was established by the Australian Signals Directorate (ASD) to assist Australian government agencies and organizations in protecting their information and communications technology (ICT) systems from cyber threats.

IRAP assessments are carried out by qualified and ASD-endorsed assessors who have been trained in the Australian Government Information Security Manual (ISM) along with IRAP policies and procedures. IRAP assessors are responsible for evaluating the security of ICT systems and ensuring that they meet the requirements of the ISM.

Ease your compliance burden with the help of smart functionality including Hailey, our innovative AI engine.

Relevant standards and frameworks

IRAP assessments include assessment against requirements founds in the Australian Government Protective Security Policy Framework (PSPF) and Privacy Act, in addition to a recent version of the Information Security Manual (ISM). All this content, and many other cyber and privacy related to standards are available in the 6clicks Content Library.
Relevant standards and frameworks for ASD ISM & IRAP

Smart GRC functionality

6clicks provides smart GRC functionality to streamline processes involved in specifying the system to be assessed, assessing compliance against the ISM (and other relevant requirements), managing any associated risks, implementing & operating security controls and managing any associated issues and incidents with corrective actions.
Smart GRC functionality for ASD ISM & IRAP

Combined with powerful AI/ML

Leverage 6clicks' Hailey AI to assist with identifying overlap between many different cyber and information secuirty compliance requirements and helping your organisation (or your clients) develop a single unified policy and control library that is traceable to compliance requirements and actionable. Map the results of an assessment against the ISM against other standards such as ISO 27001 and the NIST Cyber Security Framework.
Combined with powerful AI/ML for ASD ISM & IRAP

Designed to meet Australian Government requirements

The 6clicks for Government (AU) instance has been assessed at the Official:Sensitive (OS) and Protected (P) levels of the Information Security Manual (ISM) through the Information Security Registered Assessors Program (IRAP). Just as importantly, 6clicks can be used by organisations to implement and run security programs, and by partners running assessments.
Designed to meet Australian Government requirements for ASD ISM & IRAP

Explore our expert's guide to IRAP and the ISM

This authoritative guide provides a comprehensive overview of the Infosec Registered Assessors Program (IRAP) and the Australian Government Information Security Manual (ISM). The guide covers the fundamentals of the program, including the the pre-requisites to become an IRAP Assessor, roles and responsibilities of IRAP Assessors, the assessment process and the ISM.

Integrated powerful features

Explore the features related to this solution making it easy for you to get up and running in minutes.

Risk Management

Our state-of-the-art risk management solution automates formerly manual processes and optimizes the entire risk lifecycle, encompassing risk identification, risk assessments, risk mitigation, remediation, and reporting.

Continue >

Audit & Assessment

By minimizing manual tasks, our solution empowers audit professionals to effectively manage the entire audit management lifecycle, including audit plans and seamless collaboration among team members.

Continue >

Issues & Incident Management

Modernize issue and incident tracking with visibility, insights, and intelligent remediation. Identify and solve issues before they occur with cross-team automation workflows.

Continue >

Why businesses and advisors choose 6clicks

Build resilient security risk and compliance programs.


Powered by artificial intelligence

Experience the magic of Hailey, our artificial intelligence engine for cyber risk and compliance.


Unique Hub & Spoke architecture

Deploy multiple teams all connected to a hub—perfect for federated, multi-team structures.


Fully integrated content library

Access hundreds of frameworks, control sets, assessment templates, libraries and playbooks.

The GRC platform powering today's risk and compliance professionals

volaris logo-1-1
ntt logo-1

Intelligently accelerate your cyber risk and compliance program today


Stop wasting time with complicated pricing, longwinded consulting efforts and outdated technology.




SourceForge Top Performer
Top 100 Innovators
Capterra review
CRN Top 100