ISO 27001 Certification

We are pleased to announce that Prophecy International, including its software divisions Snare and emite, has successfully completed ISO/IEC 27001:2022 certification as of 20 September 2025. This certification covers the information security management systems (ISMS) governing the development and delivery of the Snare and emite solutions, as well as the broader organisational governance of Prophecy International.

The certification audit was conducted by SAI Global in Australia under the scope:

“The information security as related to the development and delivery of the Snare and emite solutions, and associated organisational processes, as defined in the Statement of Applicability v1.1 dated August 2025.”

Certification is valid as of 20 September 2025, with certificate number ITGOV40332.

This achievement reaffirms our ongoing commitment to information security, risk management, and data protection. Customers, partners, and regulators may rely on this independent third-party certification as evidence that Prophecy International software and services are designed, operated, and maintained to meet globally recognised compliance and data-processing standards.

Why ISO 27001 Matters 

Information is the lifeblood of every modern organisation — it fuels innovation, enables decision-making, and underpins commercial success. With the increasing digitisation of systems and supply chains, protecting this data from deliberate or accidental loss, compromise, or destruction has never been more critical.

ISO 27001 is a risk-based framework designed to help organisations systematically identify, manage, and reduce information security risks. By aligning to this international standard, Prophecy International ensures that its controls, governance, and processes meet the most rigorous global benchmarks for confidentiality, integrity, and availability of data.

ISO 27001 establishes a structured approach to:

• Assessing and managing information-security risk.
• Implementing organisational, people, physical, and technological controls.
• Continually improving security practices and performance.
• Demonstrating compliance to regulators and customers.

The framework’s 93 controls (Annex A) cover 14 core domains, including policies, asset management, access control, encryption, supplier relationships, operations security, incident management, and business continuity.

Our Commitment 

As cyber threats evolve and compliance expectations rise, Prophecy International will continue to enhance its security posture — ensuring that every customer engagement, every line of code, and every piece of data is protected under a robust and proven security framework

The certification of Prophecy International, Snare, and emite underscores our dedication to upholding the highest standards of security and governance. It reflects not only the strength of our internal processes but also our unwavering focus on safeguarding customer trust.

How Snare and emite Support Compliance

Choosing technology partners with proven security credentials is one of the most effective ways to strengthen your organisation’s own compliance posture. Both Snare and emite are built with governance, transparency, and data protection at their core — helping customers meet the same standards that Prophecy International upholds.

Our priority is your security — let us know how we can help you achieve and maintain compliance confidence.

Contact your regional Snare or emite team to learn more

SOC2 Certification 

Prophecy International is committed to protecting customer data and maintaining robust information security practices. 

On 27 September 2024, emite successfully completed a SOC2 Type 2 audit. This certification covers the period from January 1 2024 to June 30 2024, and was conducted by Grant Thornton Audit Pty Limited, an independent auditing firm. 

SOC2 (Service Organization Control 2) is a framework for managing data security, availability, processing integrity, confidentiality, and privacy.  

SOC2 compliance is crucial for businesses that handle sensitive customer data. It provides assurance to our clients that we have implemented stringent controls to protect their information. By achieving SOC2 compliance, we demonstrate our dedication to maintaining the highest standards of security and data management. 

Scope of the SOC2 audit 

The audit was conducted in accordance with attestation standards established by the American Institute of Certified Public Accountants (AICPA) and the International Standard on Assurance Engagements (ISAE) 3000 (Revised), providing a rigorous and credible evaluation process. 

The SOC2 audit covered the description of our technology platforms and assessed the suitability of design and operating effectiveness of our controls. This comprehensive approach reflects our operations and confirms that our controls are both well-designed and functioning effectively to meet SOC2 requirements. 

Key requirements met by emite 

• Comprehensive system description and controls for our technology platforms. 

• Adherence to trust services criteria for security, availability, processing integrity, confidentiality, and privacy. 

• Suitable design and implementation of controls. 

• Effective operation of controls throughout the audit period. 

• Transparent communication with auditors. 

• Robust internal evaluation processes. 

• Compliance with relevant laws and regulations. 

• Ongoing monitoring and improvement of security measures. 

Management commitment 

emite’s management takes full responsibility for the system description, control design, and adherence to trust services criteria. We are dedicated to maintaining our compliance and continuously improving our security measures to protect our clients’ data. 

Our commitment to SOC2 compliance is ongoing. As of the date of our certification, there have been no significant changes or events affecting our compliance status. We continue to monitor and maintain our systems and controls for consistent adherence to SOC2 standards.