Commvault gains IRAP certification at ‘PROTECTED’ level

Leading data protection and cyber resilience organisation Commvault has announced that its portfolio of SaaS-delivered data protection solutions has achieved Australia’s Infosec Registered Assessor Program (IRAP) certification at PROTECTED level. Administered by the Australian Cyber Security Centre (ACSC), the IRAP framework ensures that technology providers meet the highest security and integrity protocols in line with the Australian government’s information security standards.


IRAP provides a common framework to certify a solution’s security posture and resiliency from advanced threats. By conducting an in-depth examination of software architecture, design, and security protocols, IRAP certification ensures Commvault’s SaaS data protection solutions meet stringent ISM (Information Security Manual) security requirements, and that government agencies and contractors can confidently adopt Commvault solutions.


“While IRAP is an Australian-centric security framework, this certification underlines the country’s global commitment to upholding best-in-class security standards, resonating with frameworks like FedRAMP. Achieving IRAP certification is a testament to our mission of providing industry-leading protection of data against ransomware and the evolving cyber threat landscape,” said Martin Creighan, Vice President for Asia Pacific, Commvault.


With cyber threats continuing to escalate, private and public sector entities are under increased pressure to bolster their data security and cyber recovery measures. In fact, according to a new Commvault report commissioned in partnership with IDC, both IT and business leaders understand the constant risk and dire consequences of a cyber attack, with 61% of respondents believing that data loss within the next 12 months is “likely” to “highly likely” to occur due to increasingly sophisticated access.[1]


Combatting these concerns, Australia’s IRAP assessment falls under the Security Legislation Amendment (Critical Infrastructure) Bill, introduced to Parliament in 2020. The amendment has a National Security focus and was put in place to manage risks posed in particular by foreign involvement in Australia’s critical infrastructure, considering that a significant amount of the country’s infrastructure is privately owned.


Commvault’s entire portfolio of SaaS-delivered data protection solutions are IRAP-certified and are built into its commercial offering.