While the IRAP program shifted its parameters in 2018 to better reflect the shift in the federal government approach to cyber strategy from ‘compliance’ to ‘risk management’ it left some confusion about what applicants could expect from the process. And what is the role of FedRAMP certification, and increasingly global business environment, what are the practicalities of these schemes.
Matt Tett, Manageing Director at Enex TestLab and Andrew Slavkovic, Solutions Engineering Manager at CyberArk discuss the approach to IRAP, FedRAMP and other compliance schemes to better understand how regulatory systems have changed, what assessors are looking for and how applicants can best demonstrate that they address the criteria.