Commvault Earns IRAP Certification

Commvault, Systems, Inc. announced that its portfolio of SaaS-delivered data protection solutions has achieved Australia’s Infosec Registered Assessor Program (IRAP) certification at PROTECTED level.

Administered by the Australian Cyber Security Centre (ACSC), the IRAP framework ensures that technology providers meet the highest security and integrity protocols in line with the Australian government’s information security standards.

It provides a common framework to certify a solution’s security posture and resiliency from advanced threats. By conducting an in-depth examination of software architecture, design, and security protocols, IRAP certification ensures Commvault’s SaaS data protection solutions meet stringent ISM (Information Security Manual) security requirements, and that government agencies and contractors can confidently adopt Commvault solutions. It also further exemplifies firm’s commitment to global data security, adding to its current position as the only SaaS data protection portfolio to meet FedRAMP High (In Process) status, with the approved ATO signed by the Department of Treasury on July 12, 2023.

“While IRAP is an Australian-centric security framework, this certification underlines the country’s global commitment to upholding best-in-class security standards, resonating with frameworks like FedRAMP. Achieving IRAP certification is a testament to our mission of providing industry-leading protection of data vs. ransomware and the evolving cyber threat landscape,” said Martin Creighan, VP for AsiaPac.

With cyber threats continuing to escalate, private and public sector entities are under increased pressure to bolster their data security and cyber recovery measures. In fact, according to a Commvault report commissioned in partnership with IDC, both IT and business leaders understand the constant risk and dire consequences of a cyber-attack, with 61% of respondents believing that data loss within the next 12 months is “likely” to “highly likely” to occur due to increasingly sophisticated access.¹

Combatting these concerns, Australia’s IRAP assessment falls under the Security Legislation Amendment (Critical Infrastructure) Bill, introduced to Parliament in 2020. The amendment has a National Security focus and was put in place to manage risks posed in particular by foreign involvement in Australia’s critical infrastructure, considering that a significant amount of the country’s infrastructure is privately owned.

Commvault’s entire portfolio of SaaS-delivered data protection solutions are IRAP-certified and are built into its commercial offering.

Company’s enhanced security capabilities and solutions for cyber resilience are designed to offer compliance capabilities, and also offer peace of mind in terms of rapid recovery – critical in an age of escalating and non-stop cyber threats.

Join Commvault virtually on November 9, 2023 for SHIFT: The Global Cyber Resilience Event to “Leave the Chaos Behind” and explore a new approach to cyber resilience that combines security, data protection, data intelligence, cloud, and recovery.

¹ Goodwin, P. (2023). The cyber-resilient organization: maximum preparedness with bulletproof recovery, IDC  (white paper)