News

Infotrust Expands Consulting Services and Expertise with New IRAP Assessor

China Zamora
May 26, 2025
Home

Let's Get STARTED

Infotrust is proud to announce that Devender Kumar, Senior GRC Consultant, is now an endorsed assessor by the Australian Signals Directorate’s (ASD) Information Security Registered Assessors Program (IRAP).

This endorsement highlights Devender’s technical expertise and his ability to perform independent security assessments in line with rigorous standards outlined in the Australian Government’s Information Security Manual (ISM).

As an endorsed IRAP Assessor, Devender is authorised to provide security assessments and strategic guidance to Australian Government agencies and their partners. With only a select number of professionals endorsed across Australia, we are proud to see Devender join this highly respected group of assessors.

IRAP services are designed to assess compliance with the ISM across a range of environments, including:

  • Government entities’ Information and Communication Technology (ICT) Systems
  • Suppliers to Government entities’ ICT Systems
  • Cloud service providers
    • Software as a Service (SaaS)
    • Platform as a Service (PaaS)
    • Infrastructure as a Service (IaaS)
  • Defence industry contractors
  • Gateway, Gatekeeper, and FedLink service providers

This achievement marks a major professional milestone for Devender and further strengthens Infotrust’s commitment to delivering high quality cyber security and compliance services.

Read more about the IRAP program here.

To learn more about our IRAP services and how we can support your compliance journey, get in touch with our team.

ASD endorses individuals from the private and public sectors to provide security assessment services with the aim of enhancing the security of broader industry and Australian Government systems and data.

IRAP Assessors do not accredit, certify, endorse or register systems on behalf of ASD. The scope of a security assessment will generally not cover all ISM security controls and a completed security assessment does not inherently imply that a system is compliant with the tested security controls. As such, it is integral for customers to read and understand security assessment reports or letters of completion to determine what a system has been tested against and if it meets their cyber security requirements.