Cyber security compliance, explained

Plain English guides related to IRAP, Essential Eight, ISO 27001 and 42001, SOC 2 and vCISO.

Browse by framework

Essential Eight (10)

Virtual CISO (8)

Start here: the six framework guides

The pillar guide for each framework, the best place to begin.

IRAPThe complete Australian guide Essential EightThe complete Australian guide ISO 27001The complete Australian guide ISO 42001AI management systems guide SOC 2The complete guide for tech companies Virtual CISOThe complete Australian guide

Latest Guides

Essential Eight for Commonwealth Entities: The Maturity Level Two Expectation

Since 1 July 2022 the PSPF has required non corporate Commonwealth entities to reach Essential Eight Maturity Level Two across all eight…

June 21, 2026
Essential Eight Changes in 2026: What Is Actually Changing

The Essential Eight maturity levels are not changing on 1 July 2026. The bigger change is broader. ASD is evolving the Essential…

June 21, 2026
IRAP Assessment: The Complete Australian Guide

A complete guide to IRAP assessment in Australia: whether you need it, what it is, cost, timeline, the process, the report, and…

June 21, 2026