ACSC programs and advice are being migrated to (see sidebar)

EPL – Evaluated Products List

Browse EPL

The Australian Signals Directorate (ASD) maintains the Evaluated Products List (EPL) of ICT security products evaluated by ASD for use in Australian and New Zealand government agencies.

  • Products on the EPL are certified for specific purposes and specific security levels.
  • Products on the EPL may be used to build secure systems and networks as described in the Australian Government Information Security Manual.
  • Products are certified against the internationally-recognised ISO 15408 Common Criteria (CC). The CC Portal lists other products with mutually-recognised certification that you may choose.
  • ASD’s certification office, the Australasian Certification Authority, oversees the Australasian Information Security Evaluation Program (AISEP) that administers product testing by licensed commercial evaluation facilities.
  • The EPL also lists ASD’s Cryptographic Evaluations.

In August 2018 ACSC launched a new website,, to reflect its new organisation.

Cyber security programs and advice are being migrated to Information and advice on this site remains current.

Reports help the ACSC to develop a better understanding of the threat environment and will assist other organisations who are also at risk.

Cyber security incident reports are also used in aggregate for developing new defensive policies, procedures, techniques and training measures to help prevent future incidents.

Information for Australian businesses
Information for individual Australian citizens
Information for Federal, State and Local government agencies