ISO/IEC 27001:2013

The Victorian Chamber is externally and independently audited and certified to the international information security standard ISO/IEC 27001:2013. We have demonstrated a comprehensive, effective and continually improving information security management system (ISMS). Certification involves regular audits to verify our compliance.

DEWR Information Security Systems Scheme Issue 1                      

The Victorian Chamber is externally and independently audited and certified to the Department of Employment and Workplace Relations (DEWR) Right Fit For Risk (RFFR) accreditation. This accreditation comprises the ‘OFFICIAL’ controls in the Australian Government Information Security Manual (ISM) and the mandatory inclusion of all clauses and the annex A ISO 27001:2013 controls.

ACSC Essential 8 Level 3

The Victorian Chamber has been externally and independently audited and certified to Australian Cyber Security Centre Essential 8 Level 3 compliance. 

Enterprise-grade security

Vulnerability assessments
The Victorian Chamber undergoes regular penetration tests by Council of Registered Ethical Security Testers (CREST) certified professionals. These probe for vulnerabilities in our core infrastructure such as hardware, internal/external networks, Wi-Fi and websites.

Data encryption
We encrypt all data in transit using industry-standard TLS 1.2 at minimum and TLS1.3 where available. Customer data is also encrypted at rest when it is stored on our platforms using AES 256 at minimum.

Network protection
Multiple layers of security controls protect access to and within our environment, including firewalls, intrusion detection systems and network segregation. We partner with industry-leading security vendors to leverage their expertise to protect our systems.

Incident management
Our team monitors security systems, event logs, notifications and alerts from all systems to identify and manage threats. If an incident occurs, technical personnel are available to provide incident coverage.