The ACSC Essential Eight is now the de facto baseline for cyber insurance, board-level risk reporting and pharmacy accreditation. But maturity scores on a spreadsheet aren't the same as controls that actually work.
WAPIT implements all eight strategies — application control, patching, macros, hardening, admin privileges, OS patching, MFA, backups — and tracks maturity uplift quarterly with evidence you can show your board or insurer.
Built for Australian pharmacy.
Maturity baseline
Independent ML0-ML3 scoring across all eight strategies.
Phased uplift plan
Quick wins first; structural changes scheduled and budgeted.
Application control
Allow-listing on dispensing terminals — the highest-impact control.
Patching automation
Automated OS and application patch cycles with reporting.
Quarterly evidence pack
Updated maturity scorecard plus supporting evidence each quarter.
Measurable results for your pharmacy.
- Demonstrable Essential Eight maturity uplift
- Cyber insurance renewals get easier and cheaper
- Board and accreditation reporting handled
Frequently asked questions
What maturity level should a pharmacy target?
ML2 is realistic and meaningful for most pharmacies; ML3 is reserved for high-risk operations or those handling government data.
How long does it take?
ML1 in 30-60 days, ML2 typically 6-9 months depending on starting posture.
Explore more cyber security.
Cyber Security Audits
Comprehensive pharmacy security audit with prioritised remediation roadmap.
Learn moreVulnerability Assessments
Authenticated and unauthenticated scans across your dispensing and admin environments.
Learn morePenetration Testing
Coordinated, scoped pen tests with reputable Australian CREST-aligned partners.
Learn more