Certification Disclaimer

Certification is issued by Bureau Veritas based on independent review of submitted evidence against Australian Cyber Essentials (ACE) requirements. Certification reflects independent review of evidence at a defined point in time and remains valid for the period stated on the certificate, subject to any applicable ACE conditions, review triggers, and renewal requirements.

Where ACE includes ongoing assurance activities between certification events, ongoing assurance status reflects completion of those defined activities and does not guarantee that an organisation will not experience a cyber security incident.

ACE is not currently government endorsed or mandated, and it is not a Commonwealth accreditation or statutory scheme. Any future government recognition, reference, or adoption would be separate from ACE’s independent certification model.

ACE is not tied to any single product, platform, or advisory provider. Technology and advisory partners may support organisations, but certification is based on evidenced outcomes against ACE requirements, not on the use of any specific vendor.

ACE is not legal advice, nor a statement of compliance with any specific law or regulator. Where specific legislative or regulatory obligations apply to your organisation, you should seek independent legal or compliance advice.