SapphireOne Achieves ATO DSP Operational Security Framework Compliance
We are thrilled to announce that SapphireOne has once again been certified by the Australian Taxation Office (ATO) under the Digital Service Provider (DSP) Operational Security Framework. This certification underscores our unwavering commitment to maintaining the highest standards of security and compliance for our clients.
What is the DSP Operational Security Framework?
The DSP Operational Security Framework (OSF) is designed to protect taxation, accounting, payroll/HR, business registry, and superannuation-related data. It ensures the integrity of the systems that support the Australian community by setting a minimum level of security requirements for Digital Service Providers.
Key Compliance Areas
SapphireOne has demonstrated compliance in the following critical areas:
Audit Logging – Comprehensive tracking of user access and transactions.
Certification – Independent certification against ISO 27001:2013.
Encryption in Transit – Secure data transmission.
Entity Validation – Verification of legitimate entities using SapphireOne.
Personnel Security – Rigorous security measures for personnel.
Security Monitoring Practices – Continuous monitoring to detect and mitigate threats.
Supply Chain Visibility – Ensuring transparency and security across the supply chain.
Why is this Important?
Compliance with the DSP OSF reduces the risk of identity theft, tax refund fraud, and system hacks. It ensures that client data is protected through robust security controls, including data encryption, unique user logins, and multi-factor authentication.
Looking Ahead
The next review date for SapphireOne is August 2025. We remain committed to evolving our security measures to meet emerging risks and ensure the continued protection of our clients’ data.
