amr/hermes-brain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

gbrain: sync converted org-mode brain files

Browse Source
This commit is contained in:
Hermes
2026-05-24 03:00:35 +00:00
parent b3d91f2e55
commit 94f1871177
67 changed files with 4307 additions and 152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ideas/compliance/irap.org
View File

@@ -2,21 +2,21 @@
:ID: auto-irap
:CREATED: [2026-05-23 Sat]
:END:
#+title:
#+title: IRAP (Infosec Registered Assessors Program — Australia)
#+filetags: :passepartout:compliance:framework:irap:
** IRAP (Infosec Registered Assessors Program)
Australian government's cloud security assessment program — analogous to
FedRAMP. Cloud services used by Australian government agencies must have an
[[file:fedramp.org][FedRAMP]]. Cloud services used by Australian government agencies must have an
IRAP assessment. Managed by the Australian Cyber Security Centre (ACSC).
Assessment levels: Protected (highest), Secret (top secret), Unclassified DLM.
Who must comply: Cloud providers selling to Australian federal, state, and
local government agencies. Also critical infrastructure providers.
Why it matters: Like FedRAMP and ISMAP, IRAP is a procurement gate. An IRAP
Why it matters: Like FedRAMP and [[file:ismap.org][ISMAP]], IRAP is a procurement gate. An IRAP
Protected-level assessment is expensive and takes 6-12 months. First-mover
advantage: the gate stack's deterministic audit trail can be the primary
evidence artifact, reducing assessment scope/cost.