Data and Cyber Security

ADSS Certified. Practice Protect Enabled.

Why Security Matters to Us

The nature of our work requires us to manage highly confidential information. In today’s digital environment, cyber threats and data breaches are constant risks.

Our approach to security ensures your data is protected at every stage — from receipt and processing, to secure storage and final delivery.

Our ADSS certification demonstrates our commitment to applying robust controls, regular reviews, and independent verification of our practices.

Data & Cyber Security Policy

Our Commitment to Protecting Your Information

At D.S Audit Services, we understand that protecting your information is critical to maintaining your trust. As a professional SMSF audit firm, we handle sensitive client and financial data every day — and we take that responsibility seriously.

We have implemented strict cyber security controls, industry best practices, and are proud to be certified under the Accounting Data Security Standard (ADSS), a recognised benchmark for data protection in the accounting and audit profession

Accounting Data Security Standard - (ADSS) Certification

Our ADSS certification means:

We meet strict security requirements for access control, encryption, and breach response.
We follow best-practice protocols for handling accounting, audit, and SMSF data.
You have the assurance of independent verification that your data is managed with integrity, confidentiality, and security.

Incident Response

If a data breach is suspected or detected:

We immediately activate our Incident Response Plan.
We contain the breach and mitigate risks.
We notify affected parties where required under the Notifiable Data Breaches (NDB) Scheme.
We conduct a post-incident review to strengthen our defences.

Third-Party Security

We only partner with trusted IT and cloud service providers.

All third parties:

Sign confidentiality agreements.
Must comply with our security requirements and relevant industry standards.

Our Security Measures

Data Classification &
Access Control

We classify all data as Confidential, Internal, or Public.
Access to client and SMSF audit files is restricted to authorised staff only.
Multi-factor authentication (MFA) and role-based permissions are in place.

Secure Communication

No personal email accounts are used for client communication.
Documents are shared via secure client portals or encrypted email services.
Internal communication tools are monitored and access controlled.

Encryption & Secure Storage

All confidential data is encrypted both in transit and at rest.
We use secure, Australian-based cloud infrastructure.
Portable storage devices are encrypted or restricted from use.

System & Network Protection

All systems are kept up to date with the latest patches and security updates.
We employ antivirus software, firewalls, and endpoint protection across all devices.
Remote devices must meet strict security standards before accessing firm systems.

Ongoing Review

Our Data & Cyber Security Policy is reviewed annually or whenever there are significant changes in technology, regulation, or risk.

Our ADSS certification, combined with compliance under ASQM 1 and ISO 9001, ensures our security measures remain strong and effective.