Exam Processing Security Statement
Statement last updated: 7 April 2022
This security statement relates to the ACSPRI hosted exam processing service at https://examprocessing.acspri.org.au
The server hosting this service is hosted by Intergrid on behalf of ACSPRI in the Melbourne - Equinix ME1 Datacentre. This data centre has 24/7 on-site staff, biometric readers, CCTV and auditable access lists. It is also has the following certifications: ISO 27001, PCI DSS, SOC 1 Type II, SOC 2 Type II.
Access to the server is only permitted via secure connectivity (SSH/HTTPS).
Only those who require access to the server are permitted access. ACSPRI requires all employees with access to this service to have completed a confidentiality agreement.
We encrypt your data in transit using secure TLS cryptographic protocols (look for the “lock” in your browser URL bar).
Access to the service is logged and retained for the purposes of reviewing any security incident. Remote monitoring is used to ensure system continuity and notify ACSPRI of any potential service interruptions.
Encrypted backups are stored locally on the server and also in an offsite location within the State of Victoria, Australia. Backups are retained indefinitely.
The server operating system and applications are regularly updated with vendor supplied security updates.