Adobe Sign secures IRAP certification

Adobe Sign IRAP

Adobe has announced it has secured IRAP certification for its eSignature service, Adobe Sign, opening the doors to wider uptake of the solution within Australian Government organisations.

The assessment assures that the digital signature service meets the Australian Signals Directorate’s (ASD) benchmark for information security controls.

The independently assessed IRAP, or Information Security Registered Assessor Program, uses ASD-certified assessors to validate that appropriate security controls are in place for the secure use of a managed service within Australian Government agencies, and moreover, that an assessed solution meets the appropriate responsibility model under the Government’s Information Security Manual (ISM).

IRAP services include the provision of advice for, as well as assessments, of cloud services, gateways, specialised government network connections, information systems, system documentation, and risk mitigation.

Adobe Sign, part of Adobe’s Document Cloud suite, is a cloud-based e-signature service, allowing users to send, sign, track, and manage digital signatures via a web browser or mobile device.

The service currently offers integrations with Dropbox, Google, SAP Ariba, ServiceNow, Salesforce, Workday, Box, and Microsoft OneDrive among others.

Adobe Sign is also Microsoft’s preferred solution across its entire product suite, supporting integration with Microsoft 365 and Microsoft Dynamics 365 cloud-based solutions, both widely used across Government.

Adobe Australia and New Zealand vice president Suzanne Steele said that completion of the IRAP assessment for the Adobe Sign platform ensures it “can help governments and businesses deliver better digital experiences with trust and security built at the core.”

Adobe Sign becomes the second Adobe managed service to be certified under the IRAP scheme, following the assessment of its content management platform Adobe Experience Manager.

“As a platform, our aim is to meet the highest level of security for our customers both locally and globally,” said Chandra Sinnathamby, Head of Adobe Document Cloud, Asia Pacific.

“We’ve seen an exponential growth of the use of digital documents across the region, with many people using e-sign for the first time last year.

“Our assessment highlights our dedication to providing a safe platform to further enhance citizen experiences.”

Adobe is authorised in the US under the FedRAMP scheme, an analogue to Australia’s IRAP certification, allowing Adobe Document Cloud to be used by several US Government agencies.

In Singapore, Adobe supports Singapore’s national identity project, ‘Sign with Singpass’, which enables digital document signing on a number of platforms, including Adobe.

Adobe Sign is hosted on Amazon Web Services (AWS) and Microsoft Azure in a continuously active Availability Zone, with dedicated data centres based in Australia (Sydney), Germany, The Netherlands, India, Japan, the US, and Singapore.

On its data recovery processes, Adobe notes that “data stored in the active Adobe Sign data centres is kept [synchronised] with their passive data centre pair for disaster recovery that is located in a geographically separate region”.