Compliance & Governance · For Auditors

Every engagement produces the evidence a regulator asks for — before they ask.

BlackVault™ delivers a complete, version-controlled governance documentation set with every deployment. The documents exist, are maintained current, and are yours to present at any audit.

The Governance Pack

Delivered and maintained with every deployment.

Attestation & Assurance
  • ·Data flow attestation
  • ·Privacy impact assessment
  • ·Information security policies
  • ·Supply chain security disclosure
Security & Resilience
  • ·Essential Eight assessment
  • ·Independent penetration test
  • ·Incident response runbook
  • ·BCP / DR runbook
Ongoing Reporting
  • ·Quarterly compliance report
  • ·Annual compliance review
Accreditation Posture

Stated precisely. Nothing overclaimed.

We state "certified" only where it is independently verifiable. That restraint is what survives scrutiny.

Certified
ISO/IEC 27001:2022 — certified information security management system (independently verifiable).
Implemented
ACSC Essential Eight — controls implemented; Maturity Level uplift included in scope.
Aligned
Information Security Manual (ISM) — security controls aligned.
Pathway
IRAP — assessment pathway available when an engagement requires it.
Applied
Privacy Act 1988 (Australian Privacy Principles) and Information Privacy Act 2009 (Qld) — applied across all engagements.

Review the governance posture you would defend to your regulator.