IRAP Compliance - Amazon Web Services (AWS)

Very excited to announce that VMware Cloud on AWS has been IRAP assessed against the Information Security Manual (ISM) PROTECTED controls. This assessment allows Australian Government customers to process and store protected level data in VMware Cloud on AWS

More details about IRAP can be found here

This IRAP assessment marks a significant step in VMware’s continued commitment to providing Australian government customers with solutions to accelerate their innovation. With the independent evaluation that the service has the required security controls in place, VMware Cloud on AWS can unlock the potential for further transformation within government by enabling customers to migrate apps rapidly, scale resources up or down based on demand, deliver resources for new remote work initiatives, and drive app modernisation strategies.

“We’re committed to providing our government customers with the choice and flexibility to select the solution that best suits their digital needs,” said Mike Reddie, Senior Director Cloud, VMware Australia & New Zealand. “In today’s market, it’s critical that the public sector not only has access to technology and services to enable transformation, but that they have confidence in its security in order to maintain data safety and meet compliance requirements. We are focused on continually innovating our offerings to help our customers meet their business needs. We’re pleased that our IRAP PROTECTED status will further broaden access to VMware Cloud on AWS, to support public sector customers in delivering flexible, resilient digital citizen services.”

About IRAP
The Information Security Registered Assessor Program (IRAP) is a security compliance framework comprised of security assessment processes and a security assessor program. It was developed by the Australia Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC) within the Australian government. IRAP supports Australian commonwealth government entities in maintaining their security assurance and risk management as well as assessing cloud service providers and their cloud services’ security controls against the Australian government security policies and guidelines.

The official VMware announcement can be found here