Security & compliance
Built to the standards local government is held to.
Council data is rates payments, statutory records, vulnerable-resident registers, and DA submissions that can end up in IBAC files. CouncilHub is designed for that.
Standards we build to
We're early-stage. These are the frameworks we've engineered the platform against from day one. Formal assessment and certification work is scoped into each council engagement, so you're never paying for a stamp you don't need.
- IRAP: Assessment-ready posture · path on engagement
- ISO 27001: Aligned by design · certification on engagement
- ASD Essential 8: Engineered against Maturity Level 2
- WCAG 2.2 AA: Built to AA · independent audit on Metro+
- Privacy Act 1988: APP-compliant by design + state IPAs
- State Records Acts: VERS-compatible export pipeline
- PCI DSS: SAQ-A scope via gateway tokenisation
- Australian Privacy Principles: All 13 mapped to controls
Data
Where your data lives, who can see it, what happens if you leave.
- Residency: Australian regions only. Sydney (primary), Melbourne (DR). No data leaves.
- Encryption: TLS 1.3 in transit, AES-256 at rest. Customer-managed keys on Capital tier.
- Tenancy: Logical isolation per council, with optional dedicated-instance tier.
- Exit: Records-compliant export bundle on request. 90-day deletion guarantee.
Access
Who can do what, and the audit trail to prove it.
- Identity: SSO against Entra / AD / Okta. MFA mandatory for admins.
- RBAC: 8 default roles, customisable per-tenant. Permissions never per-user.
- Audit: Every admin action logged, tamper-evident, exportable.
- Records: Each notification, ticket and submission is a permanent record.
Resilience
Built for the call that comes at 3am during a flood.
- Availability: Targeting 99.95% · SLA tier confirmed in contract.
- DR: Active-passive between Sydney and Melbourne.
- Push reliability: Multi-provider fallback (APNs, FCM, SMS) for top-tier alerts.
- Status page: Public uptime + incident history. We page first.
Privacy
Less data, less risk. Always the minimum needed for the action.
- Minimisation: Property-link uses references, not full identity, where possible.
- PIA: Privacy Impact Assessment template included for council adoption.
- Children: Distinct flows for under-16. No behavioural advertising, ever.
- Right to forget: Honoured where lawful; reconciled against Records Act.
The honest bit
Emergency alerting carries a higher reliability bar than the rest of the product.
A late or wrong emergency push is reputation-ending for both your council and us. Our emergency tier runs on a separate redundant pipeline: paged on-call, multi-provider push, SMS fallback, cross-LGA coordination. We review every alert post-event. Insurance is sized to deployment scope and confirmed at contract.
We're not the source of truth for state-level warnings. BoM, RFS, CFA, SES are. We surface them with local context. That's a deliberate boundary.