Header background

Dynatrace SaaS achieves “Protected” status after successful completion of Australian Information Security Registered Assessors Program assessment (IRAP)

Dynatrace SaaS has achieved the Australian Government security status "Protected” after completing an assessment performed by an Information Security Assessor Program (IRAP) assessor.

This brings the latest Dynatrace innovations to Australian Government agencies, financial services, utilities, telecommunication, and other Australian enterprises and citizens. It gives all Dynatrace customers confidence that their data resides in a highly secure environment.

IRAP was created by the Australian Cyber Security Center (ACSC), part of the Australian Signals Directorate (ASD).

Australian IRAP

In an increasingly interconnected world, data security is paramount. The Australian government and high-compliance private sectors recognise this urgency and have established stringent requirements to safeguard sensitive information.

The challenge: Protecting sensitive data

Organisations across Australia handle a diverse array of sensitive data, including:

  • Personally Identifiable Information (PII): Details that uniquely identify individuals.
  • Personal Health Information (PHI): Health-related data that requires strict confidentiality.
  • Mission data: Critical national security, defence, and strategic operations information.
  • Financial data: Sensitive financial records and transactions.

To maintain data integrity and security in the public sector and highly regulated industries, Dynatrace has met the requirements and standards specified in the Australian Government Information Security Manual (ISM) and the Protective Security Policy Framework (PSPF).

Frameworks and assessments

Australian Government Information Security Manual (ISM)

The ISM is the definitive guide for information security within Australian government agencies. It covers risk assessment, access control, incident response, and secure data handling. Compliance with the ISM ensures robust security practices for government information systems.

Protective Security Policy Framework (PSPF)

The PSPF extends beyond information security to encompass broader protective security principles. It includes physical security, personnel security, information security, and governance. Adherence to the PSPF ensures a coordinated approach to security across government operations.

IRAP: Assessing ICT Systems

The Information Security Registered Assessors Program (IRAP) plays a pivotal role:

  • IRAP assesses and accredits information and communication technology (ICT) systems.
  • Independent assessors rigorously evaluate these systems against specific security standards.
  • Certification by IRAP ensures compliance before deployment in government agencies.


An IRAP assesses and accredits information and communication technology (ICT) systems, the ISM provides detailed security guidelines for government information systems, and the PSPF establishes broader protective security principles for all government operations.

Following an IRAP assessment undertaken by a certified and independent IRAP Assessor, Dynatrace customers and their users can be assured that Dynatrace, as an organisation, adheres to the rigorous security controls mandated by the Australian Government’s ISM and PSPF.

By offering unified observability and security, Dynatrace enables organisations to safeguard their data and streamline operations. Companies can efficiently manage all their full stack observability and application security needs with a single platform that integrates AI-driven analytics and intelligent automation.

Dynatrace for Australia Regulated Sector

With the Dynatrace® platform, Australian citizens and enterprises can:

  • Confidently deliver high-quality, innovative, cloud-native applications to take advantage of the benefits of new technologies.
  • Prioritize and resolve issues before they have an adverse effect to ensure superior experiences.
  • Relieve strained and limited IT resources from repetitive, laborious, and time-consuming tasks using automation.
  • Eliminate blind spots and gain valuable insights into the performance and availability of infrastructure and applications with end-to-end observability.
  • Shift security to the left (of the software development lifecycle) by automating vulnerability detection and resolving issues before they can be exploited, thus reducing threat-hunting needs and security analyst fatigue.
  • Tame cloud complexity and stay ahead of rapidly changing demands by automating continuous discovery, proactive anomaly detection, and optimisation across the software lifecycle.
  • Enable cross-functional collaboration by eliminating silos and providing DevSecOps teams with a standard set of contextual data and a single source of truth across their entire hybrid, multicloud ecosystem.

What’s next

Start your free trial and see your own data in under 5 minutes.