Category
Guidance Document
Type
Standard
Version
2023
Access
Open
Status
Active
Created
November 2022
Updated
November 2023
This is the current version.
The Essential Eight is a set of cyber security risk mitigation strategies developed by the Australian Signals Directorate. This document details a process for undertaking assessments of the Essential Eight. It includes foundational principles and guidance on assessment methods that can be used for assessing both the implementation and effectiveness of controls that underpin the Essential Eight, as articulated within the Essential Eight Maturity Model.
Main sections:
- Introduction
- Overview
- Evidence quality
- Determining effective implementation of mitigation strategies
- Stages of an assessment
- Stage 1: The assessor plans and prepares for the assessment
- Stage 2: The assessor determines the scope (i.e. assessment boundary) and approach for the assessment
- Stage 3: The assessor assesses the controls associated with each of the mitigation strategies
- Stage 4: The assessor develops the security assessment report
- Further information
Main sections:
- Introduction
- Overview
- Evidence quality
- Determining effective implementation of mitigation strategies
- Stages of an assessment
- Stage 1: The assessor plans and prepares for the assessment
- Stage 2: The assessor determines the scope (i.e. assessment boundary) and approach for the assessment
- Stage 3: The assessor assesses the controls associated with each of the mitigation strategies
- Stage 4: The assessor develops the security assessment report
- Further information
Access Essential Eight Assessment Process Guide v2023
By accessing this content, you are leaving this website. The Agency takes no responsibility for the accuracy of content on the destination page.