This assessment completion follows Workday’s recent appointment to the Australian Government’s Digital Transformation Agency (DTA) Cloud Marketplace and covers its suite of applications, including Workday Financial Management, Workday Human Capital Management (HCM), and Workday Adaptive Planning and associated infrastructure hosted in Workday’s AWS Australia region.
Governed and administered by the Australian Cyber Security Centre (ACSC), IRAP provides a process for the independent assessment of a system’s security against Australian government policies and guidelines. The ACSC produces and maintains the Information Security Manual (ISM), which outlines a risk-based cyber security framework that organisations can apply to protect their information and communication technology (ICT) systems from cyber threats.
Workday has undertaken the IRAP assessment against the PROTECTED ISM controls, which allows workloads to be processed and stored on Workday systems up to PROTECTED, including OFFICIAL. Workday has committed to maintaining the IRAP assessment and conducting external assessments at least every 24 months, at a minimum.
“The IRAP Assessment reinforces Workday’s commitment to security and privacy and helps position Workday as a leading solution for Australian federal, state, and territory government agencies wanting to move to the cloud so they can thrive in this changing world,” said Jo-Anne Ruhl, managing director and vice president, Workday Australia and New Zealand.