A managed service provider supporting over 50 customers was facing a familiar challenge: growing demand for Essential Eight assessments, but no scalable way to deliver them consistently. Artefakt was engaged to change that. Our consultant designed a structured methodology supported by automation that reduced assessment effort by approximately 50%, while improving quality and tailoring reporting […]
A federal government agency required an IRAP assessment for a hybrid ICT environment incorporating Microsoft Azure, Microsoft 365, on-premise infrastructure, and a managed service provider’s platforms. In addition to assessing an in-flight build, the client requested a three-week pause midway through the engagement to facilitate remediations. To maintain the timeline commitments, Artefakt scaled the team […]
A global SaaS recruitment platform used by 75% of Australian federal government engaged Artefakt for an IRAP assessment. The environment spanned AWS and Azure, with integrations across HR systems, APIs, identity platforms, and third-party providers. A four-week mid-engagement pause compressed the delivery window while government departments awaited the final report for their own authorisation decisions. […]
A Standards Reference Model organises security standards into topic-aligned collections that correspond to organisational reality. These create coherence across regulatory, contractual, and policy requirements. Well-drawn topic boundaries enable teams to identify relevant requirements and understand accountability directly. This publication opens Artefakt’s Enterprise Security Architecture series. It explores structural and organisational decisions that deliver clear, navigable, […]
Supply chain contracts are one of the most consequential opportunities an organisation has to shape its security posture across the extended enterprise. The value of well-constructed security obligations lies in shaping supplier behaviour throughout the engagement, long before an incident tests them. The first in our GRC series, this short paper examines the principles and […]
More than ever, the IRAP assessment and report is a commercial prerequisite for suppliers entering Australian government and critical-infrastructure markets. As government buyers increase their scrutiny of IRAP reports, depth and quality are shaping buyer confidence and market access. Our discussion paper examines the commercial value of engaging with the IRAP program as a supplier, and […]