Last week, Afilias Australia successfully completed our annual ISO 27001 and ISO 22301 audits. These audits confirm again that the .au registry is protected by information security systems and business continuity systems that meet the stringent standards of the International Organization for Standardization (ISO) in these two critical areas. 

What did the process involve?

After our initial ISO certification in January 2019, our systems are reviewed annually to ensure their continued effectiveness and to assist in identifying areas for improvement. This is a formal process that requires surveillance audits to occur at the beginning of the second and third years, performed by an external auditor. 

What does it mean?

To date, the systems supporting .au domain names are compliant with ISO standards and have successfully completed every surveillance audit (2020, 2021), and we are pleased to report that Afilias Australia is on track for a full recertification in ISO 27001 and ISO 22301 next year.

Security Specialist at Afilias Australia, SK Farhan Tanvir was heavily involved in the audit and acknowledges the effort from the entire team. “Maintaining compliance requires a lot of work by many different parties to ensure we are supporting .au in a way that is consistent with these standards. Afilias Australia aims to ensure that our support activities will continue to be based on these ISO standards so that there is a consistent delivery of best practices across the organisation.” 

What happens next?

Every three years, a full ISO certification must be completed, and in 2022 we will commence the recertification process. Until then, Afilias Australia is proud to have met this milestone for the second year and we look forward to working with our colleagues at .au Domain Administration (auDA) as 2021 progresses.

Have a question, comment or idea for a future blog post? Email us at blog@afilias.com.au