Devicie Information Security Operations Statement

Security is at the Core of Everything Devicie Does

Our information security program embraces defence in depth. We invest in people and technologies and seek third party expertise and validation. 

Devicie protects customers and partners through robust operational security requirements and processes, assessing and managing cyber security threats and risks against best practices and frameworks such as the AICPA SOC 2, SOC 3, and GDPR EUand UK. 

Information Security

Our security and compliance program is built around the security triad: confidentiality, integrity and availability. 

Devicie follows the Trust Services Principles of the AICPA SOC 2 and SOC 3 for security, availability, and confidentiality. Devicie also maintains a privacy program to adhere to the requirements of the GDPR EU and UK Privacy regulations and follows Privacy Principles from other key acts including the Australian Privacy Act 1988 (Cth.) and Californian Consumer Privacy Act (CCPA). 
Devicie’s program incorporates areas including:

• Leadership engagement and support of security frameworks and initiatives  
• Execution, maintenance and regular auditing of its security and compliance framework 
• Supplier and vendor assurance and management to ensure the supply chain meets the same high security standards  
• Information and cyber security policies, procedures and processes around its technologies and people  

Compliance

Devicie maintains AICPA SOC 2 and SOC 3 control programs, audited annually to demonstrate our stance on security as a services organisation. 

Our SOC 2 Type 2 report is available on request to partners and customers under NDA. The SOC 3 report is also available on request.