CorePlan’s vision for the mining industry is to get people working better, together. In order to do that, we need to ensure that our customer data remains confidential, the integrity of our customer data remains uncompromised, and we provide persistent availability to our platform. This web page intends to provide our customers and potential customers with the peace of mind that CorePlan is doing everything in our ability to provide a secure service.
Yes, CorePlan’s security program follows the guidance of ISO 27001:2022 and SOC 2. The EU’s General Data Protection Regulation is also followed, on top of the Privacy Act 1988’s Australian Privacy Principles.
CorePlan regularly performs internal audits and brings in expert third-parties for external auditing.
CorePlan utilises the Amazon Web Services region ap-southeast-2, located in Sydney, Australia.
Strict access control mechanisms are in place using technological controls on top of policies and procedures.
Our customers own their data.
CorePlan encrypts all traffic in transit using industry-standard encryption methods. The database is also encrypted at rest.
SSO is available for customers on the Enterprise plan or greater.
Yes, policies and procedures are in place for technical vulnerability management and penetration testing occurs annually.
No, CorePlan does not currently have a bug bounty program in place.
We have policies and procedures in place to manage both the retention of data and destruction of data once it is no longer required.
.avif)
