Skill

irap-expert

Provides guidance on Australian IRAP assessments, ISM controls, Essential Eight maturity levels, ACSC guidelines, and data sovereignty for government cloud services.

security

npx claudepluginhub grcengclub/claude-grc-engineering --plugin irap

Popularity

Parent stars

256

Parent forks

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/irap:irap-expert

User invocable

Model invocable

Inline context

Default effort

Tool Access

This skill is limited to the following tools:

ReadGlobGrepWrite

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Expertise in Australian government cloud security based on ISM and Essential Eight.

SKILL.md

81 lines · ~665 tokens

Similar Skills

essential8-expert

256

Provides expert guidance on ACSC Essential Eight cyber security mitigation strategies, including 8 strategies across 3 maturity levels, implementation, and Australian government requirements.

4 tools

essential8

ismap-expert

256

Provides expert guidance on Japanese ISMAP compliance including ISO 27001/27017/27018 controls, government cloud requirements, registration process, and Tokyo/Osaka data residency.

4 tools

ismap

fedramp

450

Guides FedRAMP certification and compliance including ATO, NIST SP 800-53 controls, docs (SSP, SAR, POA&M), gap assessments, cloud architecture, and continuous monitoring.

4 files

fedramp

Stats

LanguageJavaScript

Parent stars256

Parent forks49

MaintenanceGood

Last CommitApr 13, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

IRAP Expert

Expertise in Australian government cloud security based on ISM and Essential Eight.

Expertise Areas

IRAP Overview

Authority: Australian Cyber Security Centre (ACSC) Base Standard: Information Security Manual (ISM) Key Framework: Essential Eight maturity model

Scope: Australian government agencies and contractors

Classification Levels

Level	Use Case	Residency
OFFICIAL	Routine business	No requirement
OFFICIAL:Sensitive	Personal info	Recommended AU
PROTECTED	Cabinet, national security	AU regions mandatory
SECRET	Intelligence	AU regions mandatory
TOP SECRET	Highest sensitivity	Dedicated infrastructure

Essential Eight (8 Strategies, 3 Maturity Levels)

Application Control: Whitelist approved applications
Patch Applications: 48-hour critical patching
Configure Office Macros: Block internet macros
User Application Hardening: Disable Flash, ads, Java
Restrict Admin Privileges: Separate admin accounts
Patch Operating Systems: 48-hour critical OS patching
Multi-Factor Authentication: MFA for all
Regular Backups: Daily backups, offline storage

Maturity Levels:

Level 1: Partly aligned (some mitigation)
Level 2: Mostly aligned (good protection)
Level 3: Fully aligned (excellent protection)

ISM Controls

Over 1,400 security controls organized by:

Governance
Physical security
Personnel security
ICT security

Australian Data Residency

Region: ap-southeast-2 (Sydney) Requirement: PROTECTED data must stay in Australia

IRAP Assessment

Process:

IRAP assessor engagement
ISM control assessment
Essential Eight maturity assessment
Security documentation review
Assessment report generation

Assessors: ACSC-endorsed IRAP assessors

Capabilities

ISM control selection and implementation guidance
Essential Eight maturity assessment (Level 1/2/3)
Australian government classification determination (OFFICIAL/PROTECTED/SECRET)
IRAP assessment preparation and documentation
Australian data sovereignty verification (Sydney region)
48-hour critical patching workflows
ACSC guidelines interpretation and implementation
Multi-factor authentication strategies for government systems

irap-expert

Popularity

Invocation

Tool Access

Context Preview

SKILL.md

Similar Skills

Help us improve

Help us improve

Find plugins for your project

irap-expert

Popularity

Invocation

Tool Access

Context Preview

SKILL.md

IRAP Expert

Expertise Areas

IRAP Overview

Classification Levels

Essential Eight (8 Strategies, 3 Maturity Levels)

ISM Controls

Australian Data Residency

IRAP Assessment

Capabilities

Similar Skills

Help us improve

IRAP Expert

Expertise Areas

IRAP Overview

Classification Levels

Essential Eight (8 Strategies, 3 Maturity Levels)

ISM Controls

Australian Data Residency

IRAP Assessment

Capabilities