The Chartered Accountants Australia and New Zealand (ABN 50 084 642 571) group (including the New Zealand Institute of Chartered Accountants) (CA ANZ) respects the confidentiality and integrity of your data and is committed to protecting your personal information.

CA ANZ recognises the critical importance of providing secure services. This commitment stems from our comprehensive understanding and continuous monitoring of both our internal network and external factors that may impact CA ANZ and its members. We are dedicated to adhering to the information security laws and regulations that govern us and to understanding the unique challenges our people and members face in protecting their data, information, and privacy.

INFORMATION SECURITY MANAGEMENT

CA ANZ employs a multitude of controls to protect our system, infrastructure and data. These controls are regularly audited to ensure they meet global best practices and are aligned with ISO 27001 security practices. Data collected is stored on CA ANZ managed infrastructure that complies with applicable data protection and privacy obligations and is assessed regularly for security and resilience.

CA ANZ values the privacy of every individual’s personal information and is committed to the protection of personal information that it holds from unauthorised use and disclosure. CA ANZ’s Global Privacy Policy sets out how CA ANZ manages the personal information that it collects, holds, discloses, and uses.

ISO/IEC 27001 CERTIFICATION

What is ISO/IEC 27001?

ISO/IEC 27001 is an international standard that focuses on the identification and management of risks related to information security. It encompasses, people, process and technology to ensure the appropriate level of controls are in place to effectively manage information security and support business objectives.

ISO/IEC 27001 certification is accepted within the industry as a reliable, defensible, standards-based information security posture. Certification is a critical decision factor for customers when assessing the security of a service or third party and this is increasingly becoming a prerequisite for engagements with certain customers.

CA ANZ ISO/IEC 27001 CERTIFICATION

In response to the ever-growing need for strong and verifiable data security for sensitive member, business and student data, CA ANZ has achieved ISO/IEC 27001 certified ISMS for data management systems, their underlying infrastructure and the applications in which data are housed.

CA ANZ’s ISMS is supported by ISO 31000 aligned risk management practices and expert resourcing underpinned by tier one cloud infrastructure.

ISO/IEC 27001 ISMS SCOPE AND DETAILS

CA ANZ’s ISMS scope covers the operation, management and support of information systems, their underlying infrastructure and the data centres in which data are housed as defined in the ISMS Statement of Applicability.

• Certificate Number: 2024 - 13944
• Original Approval: Sustainable Certification
• Issuing Date: 15-11-2024
• Certificate Expiry: 20 –10 -2027

To view the current certification certificate, refer to refer to ISO/IEC 27001 Certificate below.