About 01cyber
With 15+ years of experience in ICT, I’ve built, designed, and supported technology systems in administration, technical support, and cyber security engineering.
Based in Canberra, I assist clients with navigating the IRAP and ISM landscape, through practical design experience and several years of cyber security expertise. My primary goal has always been to deliver straightforward, pragmatic advice that understands your organisation.
My method to cyber security is risk-based and grounded in the reality of resources, with a strong focus on people: how we work, think, and approach security.
Ultimately, I’m here to help you make informed decisions that strengthen both your technical and organisational resilience.
Services
I offer cyber security guidance and IRAP assessment services that help you make sense of the Information Security Manual (ISM) and apply it in practice.
My risk-based approach considers organisational context, legitimate threats, as well as business objectives. This ensures security controls support the organisation, rather than work against it.
IRAP Assessments
-
At its core, an IRAP assessment provides the consumer with an understanding of a system's control effectiveness against the ISM.
An IRAP assessment helps you:
Identify where a system's security controls may be lacking and where they need to be further developed.
Gain confidence that a system's state has been validated by an ASD-endorsed independent professional.
Understand whether your system meets your security requirements.
For organisations providing services to the Australian Government, such as managed service providers, cloud services, and gateways, an IRAP assessment is often a requirement for them to adopt a system.
You can read further about the IRAP program here.
-
An IRAP Assessor is an ASD-endorsed ICT professional who’s been authorised to conduct independent IRAP assessments.
An Assessor has in-depth knowledge of the ISM, the necessary experience to assess a system, and a minimum NV1 security clearance. Every Assessor must uphold ASD standards and values.This means that your assessment is conducted by someone trusted to operate in these environments.
-
It does not endorse a system with ASD.
It does not advise of a systems risk level. For example: “High, Moderate, Low” risk.
It does not allow a consumer to use the IRAP logo for advertising.
-
As a sole trader I can offer reasonable prices. However, IRAP assessments costs are influenced by:
Complexity of the system.
Applicable ISM guidelines.
Duration of the assessment.
Get in contact for a free quote.
GRC Advice
-
I provide guidance so organisations can understand and apply ISM controls in a way that makes sense for their systems and risk profile.
This includes:
Interpreting the intent of ISM controls and assessing their applicability.
Having a risk-based approach to implementation.
Preparing for an IRAP assessment conducted by another ASD endorsed assessor.
Conducting ISM gap analyses as an internal readiness check.
-
Support includes:
Practical guidance on implementing Essential 8 controls.
Advice on demonstrating maturity and preparing for an Essential 8 assessment.
Advice on where to start maturing your environment.
-
I provide expert advice to help organisations understand and implement PSPF requirements in a way that strengthens security posture across the entire organisation, not just within IT.
My guidance is tailored to each organisation’s context and spans all PSPF core outcomes, including governance, information security, personnel security, and physical security.
Get in touch
Let me know how I can help.
Fill out the form and I’ll get back to you within 1-2 business days.