This content is currently in Alpha

Third Party Identity Services Assurance Framework

Supporting identity services provided by business to government

The Third Party Identity Services Assurance Framework is an Australian Government approach for accreditation of identity services offered by commercial service providers to government agencies. The Assurance Framework describes 4 levels of assurance (LOA) with performance outcomes and standards for identity service providers working with government.

The Assurance Framework is based on an understanding that users should have choice about which service they use to access digital government services. It also states users should not be forced to hold multiple credentials to access the range of government services they need.

Policy requirement: agencies that use the following identity services should use providers accredited under the Third Party Identity Services Assurance Framework at the appropriate level of assurance.

Identity services covered by the Assurance Framework:

Assurance Framework documents (Version 2.0 December 2015):

The Assurance Framework is underpinned by these Australian Government security frameworks:

The Assurance Framework is also informed by these policy frameworks:

If you are an Information Security Registered Assessor contracted by a service provider to undertake an IRAP assessment, you can request a service provider’s list of approved documents by contacting authentication@dta.gov.au

Accredited service providers

The following service has been granted accreditation by the Assurance Framework Competent Authority.

Provider Service type Assurance levels Accreditation date
Australia Post (MyPost) Digital Mailbox LOA 3 23 April 2014

Registered applicants

The following services are undergoing Assurance Framework accreditation.

Last updated: 5 January 2016