Documentation consultants author your SRMP and advise on the process. When it comes to the ICT/Cyber controls - Essential Eight ML2, the 107-control CSQ, continuous monitoring - they refer you to a separate IT provider. The result is fragmented accountability between documentation and operational security.

We author the governance documentation and deploy Crystal Eye for the ICT/Cyber domain under one engagement. The 107-control CSQ evidence comes from live telemetry, not a spreadsheet. The 24/7 Australian SOC produces the operational data that supports your Annual Security Report and Ongoing Suitability Assessment. One vendor is accountable for the full chain.

SRMP authorship, Essential Eight ML2 deployment, 107-control CSQ evidence generation, and 24/7 SOC monitoring are delivered under a single engagement. The consultant and the platform are the same organisation. There is no point at which accountability transfers.

Crystal Eye generates CSQ evidence from live network and endpoint telemetry. 18 or more months of data retention supports forensic investigation and audit trail requirements. When Defence tests your operating controls, the data exists because Crystal Eye has been running them — not because they were written down.

Crystal Eye is developed, owned, and supported onshore. All intellectual property is held by Red Piranha. The SOC operates 24/7 from Australia with Australian analysts. Defence-related telemetry remains under Australian jurisdiction throughout the engagement. FOCI-clean by construction — no foreign parent, no offshore development chain.

Crystal Eye deploys and enforces the Essential Eight Maturity Level 2 baseline across the organisation without requiring major infrastructure changes. Inline deployment eliminates engineering overhead.

The Cyber Security Questionnaire evidence pack is generated from operational data, not manually assembled. Every control maps to real telemetry. Defence tests operating controls — Crystal Eye produces them.

Round-the-clock detection and response from the Red Piranha SOC, staffed by Australian analysts. All telemetry under Australian jurisdiction. Push-button escalation from Crystal Eye to the SOC team without IR retainers.

DISP requires demonstrable audit trails and the ability to support forensic investigation. Crystal Eye retains 18 or more months of log and event data, with integrated PCAP analysis to reduce attacker dwell time.

Crystal Eye provides significantly greater visibility across the network than conventional point solutions, covering NDR, EDR, SIEM, Managed Firewall, Vulnerability Scanning, and behavioural anomaly detection in a unified platform.

Automated threat intelligence integration across all security layers. Detection content mapped to MITRE ATT&CK for ICS and enterprise. Proactive threat hunting capability for increased assurance against APTs and unknown threats.

Eligibility check, gap analysis against all four domains, eCISO engagement scoping. Determine the correct membership level for your contracted work.

OUTPUT
DISP gap snapshot and Maturity Action Plan

SRMP and IRP authored. Crystal Eye deployed. Essential Eight ML2 operationalised. CSQ evidence pack assembled from live telemetry.

OUTPUT
DISP gap snapshot and Maturity Action Plan

Crystal Eye TDIR running 24/7. Australian SOC monitoring active. Proactive threat hunting. Incident detection and response without separate IR retainers.

OUTPUT
Continuous detection, operational audit trail

Annual Security Report preparation. OSA gap closure. DDA evidence pack. eCISO retainer for ongoing governance and membership obligations.

OUTPUT
Annual cycle, ongoing DISP membership

Gap snapshot. Maturity Action Plan. Eligibility review and eCISO™ engagement scoping.

Walk through your 107-control submission. Identify gaps against live telemetry before lodgement.

Annual Security Report preparation. OSA gap closure. Deep Dive Audit evidence pack.