Essential Eight Maturity Level Two aligned by design.
The Getup Solutions AI Transformation Platform is engineered with Australian Essential Eight Maturity Level Two controls applied across authentication, access, logging and patching. We are evidence-ready for future assessment. Getup Solutions Pty Ltd does not claim “Essential Eight certified” or “Essential Eight compliant”.
MFA enforced for admin/privileged users (TOTP today, passkey-ready)
Role-based access control & least-privilege with Supabase RLS
Append-only audit logs for auth, admin actions and data changes
Backup & restore, incident response, dependency-patch policies
MFA upgrade path
Phase 1 uses Supabase TOTP authenticator-app MFA as the initial admin MFA control. Documented upgrade paths include phishing-resistant authentication via passkeys / WebAuthn and enterprise SSO via Microsoft Entra ID for future Essential Eight Maturity Level Two assessment readiness.
Full control mapping: see docs/ESSENTIAL_EIGHT_ML2.md in the platform repository.