Sybiz Software, as part of its requirements under the Australian Taxation Office’s Operational Security Framework maintains a system of policies and controls equivalent to ISO/IEC 27001:2022.
Sybiz customers can choose to host their own data on cloud servers or on their own in-house servers. Sybiz does not host client data.
In the event a Sybiz customer or its advisors or auditors are seeking a SOC2 statement of compliance relating to Sybiz, it should instead be sought from the relevant cloud hosting provider (e.g. Microsoft Azure, Amazon AWS).
Information on Microsoft Azure and SOC2 can be found here.
Information on Amazon AWS and SOC2 can be found here.
If data is hosted on servers of another cloud provider (or the above links become stale), a simple internet search should provide the relevant information.
In the rare event Sybiz requests a copy of data from a customer, the data transfer, anonymisation, deletion etc. are handled in accordance with Sybiz’s ISO/IEC 27001:2022 policies and processes.
