Defence Readiness Portal
Essential 8 maturity + DISP certification preparation
What this portal does
This is your preparation workspace for two connected goals: assessing your organisation's cyber maturity against the ACSC Essential 8 framework, and preparing your Defence Industry Security Program (DISP) certification application.
Essential 8
Work through 8 controls, upload evidence, run AI audits, and track your maturity level (ML0–ML3).
DISP Certification
Complete your CSQ, build an action plan, register clearances, and prep for security interviews.
E8 is a prerequisite for DISP, not a separate track. DISP membership at Baseline and above requires your organisation to demonstrate ASD Essential 8 compliance at Maturity Level 2. Completing your E8 assessment here directly feeds your DISP application — you're not doing two things, you're doing one thing in the right order.
What you'll need
What you'll get
Nothing submitted here goes to Defence directly. This is your preparation workspace. The official DISP application is lodged through the Defence Member Portal.
Dashboard
Organisation-wide Essential 8 maturity posture at a glance
Two pathways, one goal
E8 + DISPE8 is a prerequisite for DISP, not a separate track. DISP membership at Baseline and above requires ASD Essential 8 compliance at Maturity Level 2. Completing your E8 assessment here directly feeds your DISP application.
Your progress is saved in this browser. If multiple people in your organisation need to contribute (e.g. IT lead for E8, Security Officer for DISP), each person should use their own browser or device.
Last: No audits yet
Control Maturity Snapshot
★ Uniform maturity = lowest ML across all controls (PSPF minimum: ML2)
Recent Audit Activity
No audit history yet. Run an audit from the Audit Results view.
Getting Ready for DISP Membership
Everything you need to prepare before lodging your Defence Industry Security Program application
What is DISP?
The Defence Industry Security Program (DISP) is how the Australian Government checks that businesses working with Defence can be trusted with sensitive information, systems, and assets. If your organisation is pursuing a Defence contract, responding to a tender, or working as a subcontractor to a Defence prime — DISP membership is a requirement, not an option.
What's involved?
DISP assesses your organisation across four areas: security governance, personnel security, physical security, and ICT and cyber security. You'll need documented policies, nominated security personnel, appropriate physical controls, and cybersecurity measures aligned with the ASD Essential Eight at Maturity Level 2.
Membership is ongoing — annual reporting, incident notification, and periodic reviews are all part of the commitment once you're in.
How long does it take?
Once your application is submitted, Defence typically takes around 90 days to assess it. The real variable is preparation.
Applications that arrive incomplete face delays and revision requests — and draft applications left inactive for 60 business days are automatically removed from the Defence portal. The work happens before you submit.
How this portal helps
This is your preparation workspace. The official DISP application is lodged through the Defence Member Portal — this tool gets you ready for that step.
Here, you'll work through each requirement at your own pace, upload your supporting documents, and identify any gaps before they become a problem. When you're done, you'll have everything consolidated and ready to carry into your formal application.
Nothing submitted here goes to Defence directly. This is your preparation space.
Key milestones
Your path from eligibility to membership
Loading schema...
No controls loaded. Schema may be unavailable.
Provider Directory
Australian cybersecurity service providers for Essential 8 implementation support.
No providers match your search
Try adjusting your search query or clearing the category filter.
Upload Evidence
Select a file to upload for LLM analysis. Files are uploaded directly to Cloudflare R2 via a presigned URL.
Drop a file here or click to browse
PDF, PNG, JPG, DOCX, CSV, TXT — up to 50 MB
Upload complete!
Upload failed
Upload History
| File | Size | Type | Date | Status |
|---|---|---|---|---|
No uploads yet. Drop a file above to get started.
Audit Results
Evaluating control evidence…
Analysing against Essential 8 maturity model
Target:
Confidence Score
Findings
Recommendations
Identified Gaps
Audit History
No audit history yet. Run an audit above to get started.
CSQ Assessment
Defence Industry Security Program — Cyber Security Questionnaire. Answer all 107 questions across 4 domains.
Loading CSQ questionnaire...
Start a New Assessment
Existing Sessions
No sessions found. Start a new one above.
Describe or reference the document providing evidence for this question.
No questions match the current filter.
Assessment Submitted
Your CSQ responses have been submitted successfully for entity .
Annual Security Report
DISP annual self-attestation workflow. Manage roles, complete domain attestations, and submit for CSO review.
Loading...
ASR Sessions
No ASR sessions yet. Create a new Annual Security Report to get started.
Create New ASR
Status: · Created:
Domain Attestations
Workflow Actions
✓ ASR submitted on
ASR Summary
Action Log
No actions recorded yet.
Interview & Evidence Packs
Create and manage structured interview packs, evidence collections, assessments, and audit packs for Gap 8 preparation.
Loading...
Total
Draft
Finalised
Archived
Types
All Packs
No packs yet. Create a new interview or evidence pack to get started.
·
Step 1: Title & Type
Step 2: Include Evidence
Optional. Enter evidence file keys or reference IDs to associate with this pack.
Step 3: Notes & Review
Summary
Title:
Type:
Evidence refs:
Notes:
· Created: · Updated:
Are you sure you want to delete this pack? This action cannot be undone.
Details
Export Output
Policy & Documentation Repository
Manage policies, procedures, and documentation artefacts. Track review dates and map controls.
Loading policies...
Total
Draft
Reviewed
Approved
Current
Superseded
Some policies have past-due review dates. Please review and update them.
JSON array or comma-separated
Delete Policy?
This action cannot be undone. The policy will be permanently removed.
Maturity Action Plan
Plan and track actions to address maturity gaps
| Control | Action Description | Priority | Status | Target Date | Assigned To | Actions |
|---|---|---|---|---|---|---|
|
|
||||||
| No action plans found. Click "Create Plan" to add one. | ||||||
Clearance Register
Manage personnel security clearances and FOCI assessments
| Name | Role | Clearance Level | Clearance # | Expiry | FOCI Status | Actions |
|---|---|---|---|---|---|---|
| No personnel found. Click "Add Person" to register a new entry. | ||||||
Delete Person?
This action cannot be undone. will be permanently removed.