Continuing the Journey to Essential Eight Alignment – Pathway to Accreditation

Continuing the Journey to Essential Eight Alignment – Pathway to Accreditation 

Here at Chamonix, we’re continuously on the journey with multiple organisations to improve their cybersecurity posture.  The common starting point is the Australian Cyber Security Centre (ACSC) Essential Eight. While this is a foot in the door, alignment to the Essential Eight is often self-assessed; and mostly addresses the technical controls of a much larger organisational cyber resilience picture. 

So, what’s next? And what are the benefits of building on current alignment to cyber guidance? 

For organisations seeking to progress their cyber journey, seeking accreditation such as the Defence Industry Security Program (DISP) or Information Security Registered Assessors Program (IRAP) will demonstrate that your organisation actively complies with national standards for cyber and information management. 

It’s important to note that these programs are not scoped exclusively at organisations that do business with the Defence supply chain, and leverage ISO 27001 as a global standard for information security. 

What are the benefits of accreditation? 

• Documented assessment that can be provided to your customers and partners to demonstrate compliance, and information security management 
• Improved information security for your entire organisation across policy, process, people, and technology 
• Reduction in cost for coverage on cyber liability insurance 
• Access to cyber resilience resources that are not generally available to the public 
• Ability to sponsor security clearances (DISP Level 1+) 

How to get started? 

• Identify business drivers and target state
  • What organisational objectives will gain the most value from accreditation? 
  • What level of accreditation is applicable to your business? 
  • Do you have a requirement to store classified information? 
  • What current policies/procedures/toolsets can be leveraged to obtain compliance? 
• Determine gap analysis from current to target on the following categories:
  • Personnel Security 
  • Physical Security 
  • Information & Cyber Security 
  • Security Governance 

Read our previous article Journey to Essential Eight Alignment here.

Our Essential Eight-as-a-Service offering assists organisations with the implementation and maintenance of their security journey which covers all components – from discovery and planning through to implementation and maintenance of security policies in the future.

Contact us at essentialeight@chamonix.com.au to find out how we can help.