Skip to main content
Category
Guidance Document
Version
v2023
Access
Open
Status
Active
Created
November 2022
Updated
November 2023
The Essential Eight is a set of cyber security risk mitigation strategies developed by the Australian Signals Directorate. This document details a process for undertaking assessments of the Essential Eight. It includes foundational principles and guidance on assessment methods that can be used for assessing both the implementation and effectiveness of controls that underpin the Essential Eight, as articulated within the Essential Eight Maturity Model.

Main sections:

• Introduction

• Overview

• Evidence quality

• Determining effective implementation of mitigation strategies

• Stages of an assessment

• Stage 1: The assessor plans and prepares for the assessment

• Stage 2: The assessor determines the scope (i.e. assessment boundary) and approach for the assessment

• Stage 3: The assessor assesses the controls associated with each of the mitigation strategies

• Stage 4: The assessor develops the security assessment report

• Further information
Access Essential Eight Assessment Process Guide v2023

By accessing this content, you are leaving this website. The Agency takes no responsibility for the accuracy of content on the destination page.