Scope of the DSP operational Framework
If a DSP provides a software product or service that reads, modifies or routes any tax or superannuation related information, then that DSP is in scope of the Framework and will need to meet the requirements. This includes DSPs that use an intermediary (such as a gateway or sending service provider (SSP)) to interact with the ATO.
The requirements include but are not limited to:
How Shearwater can help
The Framework utilises a risk based approach in determining the requirements needed for utilising the ATO’s APIs. It looks at factors such as the API risk rating, volume of accessible individual taxpayer or superannuation records and your operating model such as hosting and software delivery.
Identifying the requirements that are relevant to your business and meeting compliance obligations can be a daunting process. At Shearwater, we have expert security consultants available to guide you through all the necessary steps including:
- Determining the requirements that are relevant to your business
- Conducting a gap analysis and providing a roadmap for compliance
- Remediation services including technology recommendation and implementation, policy development and setting up necessary controls
- Identifying the certification standard that best aligns with your business goals and budget
- Assisting in self assessment activities and in evidence of compliance submissions to the ATO
Why Shearwater? We offer outstanding customer service, fast response, on-time delivery,
transparency and constant communication throughout all of our engagements.
Get in touch and let us help you achieve your security goals.