Trust
Platform security FAQ
Practical answers to common security and procurement questions about platform operation, data handling, and governance controls.
For: procurement, enterprise security assurance, legal/compliance, and technical due diligence.
Last updated: 28 April 2026
Is tenant data isolated?
Yes. Data access and mutation paths are tenant-scoped by design, and privileged operations are authorization- checked in tenant context before execution.
Who can access uploaded reports and findings?
Access is role-controlled within the tenant workspace. Privileged and sensitive actions are logged as audit events for accountability and investigation support.
Platform operators do not have unrestricted blanket visibility; access follows explicit role context and support workflows, with accountability preserved through append-only event capture.
Are snapshots mutable after publication?
No. Board packs and generated report snapshots are immutable once created, preserving governance integrity and historical decision evidence.
How is access controlled?
Access control is enforced through authenticated sessions, scoped authorization logic, and tenant-aware checks across server-rendered pages, APIs, and mutation endpoints.
What happens when a tenant leaves?
Offboarding follows defined retention and deletion policies, including handling of required legal or governance records. Customer-specific data is processed according to contractual and regulatory obligations.
Can exports be restricted?
Yes. Export access can be governed through workspace role policy and operational controls to limit distribution to authorized stakeholders.
This allows teams to align board-pack and report distribution with internal governance policy and prevent over-sharing of sensitive risk evidence beyond approved recipients.
Are actions audited?
Yes. Sensitive operations are tracked through append-only audit events to preserve accountability and support compliance and forensic workflows.