All posts by admin

Tickit Systems at the RMIA Annual Conference 2018

Tickit Systems will once again be attending the RMIA Annual Conference and Exhibition, to be held from October 31st to November 2nd at the Sheraton Mirage Resort on the Gold Coast.

The RMIA Annual Conference is the premier risk conference in the Asia Pacific Region, bringing together Risk professionals from all across the region. Boost your influence in the risk management industry, network with key decision makers and discover the latest and hottest topics in risk management.

If you are attending the conference, please come along to Booth 18 to say hello and have a chat.  If you want, our consultants can demonstrate the Tickit On Demand GRC system including our new Accreditor module!

For more information about the conference, please check out the following link:

 We look forward to seeing you there.


  School Accreditation Process


Registration is a non-government school license to operate. Accreditation is a process that authorises a non-government school to nominate candidates for the award of the Record Of School Achievement and/or The Higher School Certificate.

It is achieved after the comprehensive review of Accrediting bodies such as NSW Educations Standard Authority (NESA). Schools must maintain evidence of compliance during any period of registration. The requirements and evidence of compliance include:-

  • Proprietor and principle of the school
  • Staff
  • Curriculum
  • Premises and Buildings
  • Facilities
  • Safe and Supportive Environment

Software programs to assist in the storage of Policy Documents, Procedures and Tasks to provide the evidence required for Registration and Accreditation. This system and structured framework provides an organised and transparent method of record keeping including:-

  • A central repository for Policy Documents
  • A Framework for procedures
  • Task Management
  • Risk Management Framework

The accreditation process of schools is complex. Simplify the challenge using a system that facilitates the Audit and Regulation process by providing a structured approach.



The Importance of Policies and Procedures in Schools

Policies are important because they help a school establish rules and procedures in order to function effectively and ensure everyone is connected.

 policies_procedures image


Schools are highly complex and create standards of quality for learning and safety, as well as expectations and accountability. Without these, schools would lack the structure and function necessary to provide for the educational needs of students.

Some policies will be common throughout all schools, whilst others will be designed specifically for each school. State and Federal based legislation and guidelines will provide the guidance to assist with the development of the content of your policies and procedures. Additional guidelines for example from the National Safe Schools Framework (NSSF) provides further information on the development of policies and procedures.

Other bodies such as the Association of Independent Schools (AIS) provide forums to assist in the drafting and refinement of governance documents in collaboration with teachers, parents, carers, and students.

The policies written by schools should include clear plain language and definition of terms in order to function effectively. Schools must have clear policies and procedures that guide day-to-day processes. These policies cover everything from attendance, to student discipline, to emergency procedures, to the curriculum.

A clear suite of policies and procedures assist in the demonstration of compliance with Corporate governance, Teaching standards, Student welfare and Education programs.





Why ISO 27001:2013 Certification for your Software Vendor should be important to you?

Software and Network Security has taken a new dimension as never before!

Software and Network Security can be a demon when not tamed, giving sleepless nights, service interruption and causing severe damage to any business. At the same time, it can be a soothing musical note when harnessed with systematic implementation of 27001:2013.

What is ISO/IEC 27001:2013 and what does it mean to you

ISO/IEC 27001:2013 (ISO 27001) is the International Standard that describes best practice for an ISMS (Information Security Management System). Achieving accredited certification to ISO 27001 demonstrates that a company is following information security best practice, and delivers an independent, expert assessment of whether your data is adequately protected.

A typical vendor can claim that it follows the standard to give you a peace of mind but there is more to it.

A Vendor’s claim of compliance to best practice is only a small part of the story…

Almost any vendor can claim to have a sound and secure environment and I am not implying that their claims are not genuine. They may think so but their claim lacks one important component; verification. Certification to a well tried and tested standard such as ISO 27001:2013 offers assurance to our clients that our internal processes meet the rigorous levels required by the standard. The independent certification bodies have keen eyes and draw on a rich set of experience to identify anomalies and test the organisational practices within the context of modern security standards.  This was the challenge accepted by Tickit Systems. We opened up our management processes, software development methodology, deployment disciplines, backup procedures, security measures and BCP policy to objective scrutiny by undergoing the certification process.

And the good news is that Tickit Systems is now ISO 27001:2013 certified company and ever-ready to share your success story.




Why is the law changing?

From 22 February 2018 amendments to the Privacy Act 1988 will take effect and introduce a mandatory notification procedure for data breaches. Currently, there are no requirements to notify individuals affected by a data breach. There is a rising threat to the safety and privacy of personal information.

What are the changes?

The Act requires entities to notify individuals whose personal information is breached and the Australian Information Commissioner when an ‘Eligible Data Breach’ (EDB) occurs.

Who do the changes apply to?

The Notifiable Data Breach (NDB) scheme applies to agencies and organisations that the Privacy Act requires to take steps to secure certain categories of personal information. This includes Australian Government agencies, businesses and not-for-profit organisations with an annual turnover of $3 million or more, credit reporting bodies, health service providers, and TFN recipients.

What is an Eligible Data Breach?

The first step in deciding whether an eligible data breach has occurred involves considering whether there has been a data breach; that is, unauthorised access to or unauthorised disclosure of personal information, or a loss of personal information

Data breach response plan quick checklist






ISO 31000:2018 ‘Risk management – Principles and guidelines’ is the international standard that all businesses need to be utilising as a benchmark. Risks in Schools is highly regulated and is a rather complex concept which is comprised of several functions.

This can be done in 5 steps:

  1. Risk Identification
  2. Risk Analysis
  3. Risk Evaluation,
  4. Risk Monitor and Review
  5. Risk Reporting.

Identifying risks that can occur within your school is the first step in the Risk Management process. Risk Management Analysis and evaluation using a likelihood and consequence table will allow you to rank your risks. Risks that you identify, may have either a positive or negative impact on your school and will obviously vary from one school to another. Some risks may be common across all schools such as cybersecurity issues whereas other risks will be unique such as risks associated with Boarding Schools.

Schools can also identify controls to put in place that will minimize the likelihood of that risk occurring. The steps identified here will form your School Risk Framework.

Risk Management Process





Why On Demand?

The latest version of Tickit is delivered over the internet, on demand. The application is hosted on our fast and reliable servers and this presents our clients with several benefits:


There is no need to install any software on your servers or PCs, all you need is any standard internet browser like IE 6 or 7 and above or Mozilla Firefox 2.0 and above to use Tickit on demand.


  • Tickit on demand updates and upgrades can easily be deployed to your instance of Tickit saving your IT team time.


  • Tickit on demand is hosted professionally in a safe, scalable and fault tolerant environment. Data is partitioned into a per client database with strict access policies.

This means you have a simple, intuitive risk and compliance application that can very rapidly be deployed across your business.