Security & Compliance

CreditLogic meets the highest industry standards and is ISO27001 Certified.


Security Strategy

The security strategy for Creditlogic is based on a layered defence approach incorporating preventative, detective and reactive controls at the infrastructure, application and operational (people and process) layers to ensure that the integrity, availability, and confidentiality of Creditlogic and our customers information assets is assured and maintained.

We adhere to the principles of Security by design and default throughout the full service lifecycle from the Software Development Lifecycle (SDLC) through service commissioning and operation.

Defence in Depth

In delivering service to Creditlogic customers we employ a “defence in depth” approach, implementing multi-layered defence at the technology layer (including but not limited to secure application design, strong authentication and access control, firewalls (stateful/Web Application Firewall), antimalware, system hardening, encryption, data loss prevention and reporting) to ensure that there is always a contingency control available in the event of the failure of a primary control.

Information Security

  • Access to mission critical systems are strictly controlled and monitored. All user/application access to cloud services is managed using IAM users and IAM roles set for each of the accounts. User authentication includes a combination of 3 factors user name, credential and a physical security key for multi factor authentication.
  • All customer-provided data, stored in our environment is encrypted with AES-256 Encryption.
  • We partner with a class lending cyber security solution provider, specializing in vulnerability detection and intelligence technology to perform penetration testing and real time continuous attack surface management.

Information Security Management System (ISMS)

Information Security practices in CreditLogic are based on the ISO 27001 (2013) framework and these define the requirements of our service to a granular level. In order to ensure adherence to the highest standards of Security and Service management Creditlogic has implemented ITIL based service management which ensures incident, problem and change are consistently managed.

Design Principles

Our environment implements security and privacy by design and default at all levels – infrastructure, application and service

Highly available

We have a completely cloud-based environment with multiple layers of redundancy, resilience, and recovery options.

Fail Safe

The system utilises the inherent replication of the cloud environment as well as back ups to ensure data integrity and recovery capabilities in the event of a disruption.

Actionable security intelligence

Our cloud implementation is designed to match industry recognised security standards (CIS) and ensures this is maintained automatically.

Pervasive Monitoring and measurement

Our environment requires no hands-on management- everything is software-defined and deployed and managed via industry-standard tools and the native monitoring capability of the cloud – this dramatically reduces downtime and issues for customers.

The established leader in loan origination

The established leader in loan origination

Schedule a Demo