QCIF Digital Research is pleased to announce that KeyPoint has achieved ISO/IEC 27001 certification, following an independent, external audit by Intertek SAI Global.

This internationally recognised certification confirms that KeyPoint meets the global standard for information security management and risk governance.

KeyPoint is QCIF Digital Research’s Secure Access Environment, also known as a Trusted Research Environment. The platform enables data custodians across academia, government, and industry to securely manage and share sensitive data with approved collaborators.

Access is provided through secure, remote virtual desktops, ensuring data custodians' full oversight and control of their data at all times.

A key differentiator of KeyPoint is its Vault: a self-contained, ring-fenced and governed environment that supports multiple research activities, datasets and users. The Vault enforces tightly controlled access and strict project separation at the desktop level, so users can only view the datasets explicitly linked to their approved research activity.

For QCIF Digital Research, this is an important milestone that reflects our commitment to best practices in data security.

“Data-derived insights and innovation rely on access to data aligned with FAIR principles. However, critical datasets for use in research and development are often sensitive and rightly require additional protections.

KeyPoint is positioned to be a critical national enabler in catalysing discovery and translation, facilitating collaboration across academia, governments and industry underpinned by trust,” said QCIF Chief Executive, Adjunct Professor Sach Jayasinghe.

Why it matters

For a Trusted Research Environment, trust is essential. ISO/IEC 27001 provides assurance that information security risks are formally assessed, monitored, and managed, underpinned by strong governance, accountability, and oversight.

Achieving ISO/IEC 27001 certification is particularly significant for KeyPoint, given the types of highly sensitive information it may hold—including personal, health, environmental, government, and commercially sensitive data.

As such, this certification provides independent assurance that data is protected across its entire lifecycle, from secure access and analysis through to controlled release of outputs, in line with international best practices.

It also reflects QCIF Digital Research’s ongoing commitment to adopt and implement globally recognised standards in information security and trusted research infrastructure.

Stephen Bird, QCIF’s Chief Technology Officer, explains that this achievement reflects a deep organisational understanding that effective information security has to enable, rather than restrict, high-quality research outcomes.

“QCIF recognises the unique security, governance, and collaboration requirements of scientific and academic research, including the need to support openness, data integrity, and responsible information sharing.”

“The ISO/IEC 27001 certification confirms that these needs are addressed through clearly defined governance, controls, and assurance processes. Moving forward, we will continue to maintain and improve our information security practices as part of our long-term commitment to supporting trusted, secure, and resilient research services.”

We are proud to share this milestone with our members and partners. Our current KeyPoint users entrusted us to deliver an analysis environment that takes the protection of sensitive data seriously.  Independent certification validates QCIF’s efforts with KeyPoint.

For more information about KeyPoint and to book a demonstration, contact keypoint@qcif.edu.au.