The agency administering Australia’s data sovereignty scheme won’t say when it became aware of a foreign company’s plan to acquire Canberra-based cloud provider Sliced Tech or whether the acquisition had any impact on the local company’s new government clearance.
Global consulting giant Deloitte last week announced it had acquired Australian sovereign cloud service company Sliced Tech for an undisclosed amount. Just hours earlier, the Canberra firm had been cleared to host sensitive government data under a new regime known as the Hosting Certification Framework (HCF).
The HCF is administered by the Digital Transformation Agency (DTA), which assesses firms’ facilities and personnel, and can specify ownership and control conditions as part of certification.
If certified companies “alter their profile” in a way deemed to breach the conditions, they are responsible for the government’s transition costs to another provider.
Only hours later, the company revealed it had been acquired by Deloitte.
The DTA confirmed the certification had occurred on the same day, but declined to say when the agency first become aware of Deloitte’s acquisition plans for Sliced Tech, or how the new ownership would impact that certification.
“SlicedTech were certified at the Strategic level under the Hosting Certification Framework from 7 October,” a DTA spokesperson told InnovationAus.
“The conditions under which providers are assessed and certified are detailed in the Hosting Certification Framework. Questions related to the acquisition of SlicedTech by Deloitte should be referred to those companies.”
The DTA also declined to confirm Sliced Tech’s current level of compliance with the HCF.
Some certified companies are voluntarily disclosing their compliance levels and the undertakings their certification is based on to improve transparency and confidence in the HCF. But others are not, raising concerns about compliance and reliability of supply chains.
Introduced earlier this year, the HCF is designed to give the government more transparency over data centre and digital service providers, and reduce agencies’ security and financial risks.
Certification at one of the two levels – “Assured” and the higher “Strategic” – is now required for any provider to host sensitive or whole-of-government data.
The scheme is being led by federal Digital Minister Stuart Robert and follows fears about foreign countries’ access to government data and the high costs of unplanned migration when providers are deemed too risky.
The local industry is concerned about the new scheme’s transparency and associated risks, described by some companies as unmanageable.
Neither Deloitte or Sliced Tech responded to questions about the acquisition or how it impacted the certification process.
Do you know more? Contact James Riley via Email.