Deloitte’s slice of sovereignty scheme clouded in mystery


Joseph Brookes
Senior Reporter

The agency administering Australia’s data sovereignty scheme won’t say when it became aware of a foreign company’s plan to acquire Canberra-based cloud provider Sliced Tech or whether the acquisition had any impact on the local company’s new government clearance.

Global consulting giant Deloitte last week announced it had acquired Australian sovereign cloud service company Sliced Tech for an undisclosed amount. Just hours earlier, the Canberra firm had been cleared to host sensitive government data under a new regime known as the Hosting Certification Framework (HCF).

The HCF is administered by the Digital Transformation Agency (DTA), which assesses firms’ facilities and personnel, and can specify ownership and control conditions as part of certification.

If certified companies “alter their profile” in a way deemed to breach the conditions, they are responsible for the government’s transition costs to another provider.

Last Thursday, the DTA certified Sliced Tech as “Strategic”. It was one of the first four cloud providers added to the HCF, joining six data centre companies which had been certified a month prior.

Only hours later, the company revealed it had been acquired by Deloitte.

The DTA confirmed the certification had occurred on the same day, but declined to say when the agency first become aware of Deloitte’s acquisition plans for Sliced Tech, or how the new ownership would impact that certification.

“SlicedTech were certified at the Strategic level under the Hosting Certification Framework from 7 October,” a DTA spokesperson told InnovationAus.

“The conditions under which providers are assessed and certified are detailed in the Hosting Certification Framework. Questions related to the acquisition of SlicedTech by Deloitte should be referred to those companies.”

The DTA also declined to confirm Sliced Tech’s current level of compliance with the HCF.

Some certified companies are voluntarily disclosing their compliance levels and the undertakings their certification is based on to improve transparency and confidence in the HCF. But others are not, raising concerns about compliance and reliability of supply chains.

Introduced earlier this year, the HCF is designed to give the government more transparency over data centre and digital service providers, and reduce agencies’ security and financial risks.

Certification at one of the two levels – “Assured” and the higher “Strategic” – is now required for any provider to host sensitive or whole-of-government data.

The scheme is being led by federal Digital Minister Stuart Robert and follows fears about foreign countries’ access to government data and the high costs of unplanned migration when providers are deemed too risky.

The local industry is concerned about the new scheme’s transparency and associated risks, described by some companies as unmanageable.

Neither Deloitte or Sliced Tech responded to questions about the acquisition or how it impacted the certification process.

Do you know more? Contact James Riley via Email.

2 Comments
  1. Kevin 3 months ago
    Reply

    Only one glaring problem with this report and it was in the first sentence. Deloitte in Australia is not a foreign firm. It is Australian-owned by the local partners. Deloitte in Australia operates in a global franchise network. Just like Collins food runs the franchise for KFC in Australia, but is an ASX-listed local firm.

  2. Rob 3 months ago
    Reply

    Hosting framework –
    “Certified Strategic Hosting Provider represents the highest level of assurance and
    is only available to providers that allow the Government to specify ownership and
    control conditions”

    This article probably should include comment about that stipulation, and perhaps seek comment from the department about it in relation to the acquisition.

Leave a Comment

Your email address will not be published.

Related stories