IRAP vs. SOC 2 - Key Differences Through a Third-Party Risk Lens A summary of key differences between IRAP and SOC 2 Reports when using these as artefacts for third party risk assessments. Hareen Siriwardena 08 March 2026
Beyond SOC 2: Why IRAP Should Be the De-Facto Standard in Supplier Assurance Our thoughts on why IRAP should become the de-factor standard in supplier assurance, and how GRC Platforms have shifted the SOC 2 goal posts (closer and wider). Hareen Siriwardena 05 March 2026
Improve IRAP Assessments by Better Documenting ISM Controls Learn how to document ISM controls in a SSP-A for IRAP assessments and internal system authorisations, reduce duplication, and reuse system controls effectively. Hareen Siriwardena 30 January 2026
IRAP Preparation: Reduce Compliance Burden with Cloud Hear from our consultants on effective ways to reduce the IRAP compliance burden Hareen Siriwardena 23 January 2026
IRAP Assessment Preparation: The Authorisation Boundary Preparing for an IRAP assessment? Learn why defining your System Authorisation Boundary is critical to avoiding audit chaos. Hareen Siriwardena 16 January 2026
ACSC ISM December 2025 Release - What Changes Should I Care About? A breakdown of the ACSC ISM December 2025 changes, including new and updated controls, emerging AI requirements, and alignment with modern authentication guidance. Nathan Su 18 December 2025
The Real Cost of an IRAP Assessment: Part 1 – The Preparation Phase "How much does an IRAP assessment cost?" It’s the question that is on everyones mind. The reality? The assessor's fee is the easy part. The real cost lies in Preparation and Maintenance. Hareen Siriwardena 28 November 2025
