Skip to content

Compliance and Privacy

At MYOB, we comply with leading security industry standards, Australian and New Zealand government regulation security requirements (where applicable) and the Australian and New Zealand Privacy Acts. Our ongoing investment in assurance practices ensures MYOB remains compliant with security standards and regulations.

ISO 27001

ISO 27001 is an international standard specifying a framework for information security management system (ISMS) and information risk management.MYOB's ISMS governs the secure development, operation, and support of the delivery of SaaS products and connected services performing business management, tax accounting, payroll, employer, or superannuation functionality operated by the MYOB technology teams in accordance with the organisational Statement of Applicability.

To verify the MYOB’s ISO certification, refer to the certificate here.


The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for the handling of credit card information. The standard was created to improve protection of cardholder data to reduce credit card fraud. MYOB ensures compliance with PCI DSS for our payment card processing services.


MYOB complies with the Australian and New Zealand privacy laws. Our privacy policies set out information on how we collect, hold, use, and disclose personal information. Please refer to MYOB Group Privacy Policy (Australia) and MYOB Group Privacy Policy (New Zealand) for more details.

Information security reviews

MYOB is subject to regular independent reviews including ISO 27001 and PCI DSS. Technical security reviews and testing of information systems are performed regularly in line with MYOB’s information security policy and standards.


All MYOB employees undertake relevant Compliance, Ethics and Privacy training when they start working at MYOB, followed by periodic refresher training.