Security foundations
Security and governance controls, explained clearly.
Explore identity, permissions, sign-off integrity, auditability, and reporting controls in the same governed workflow that runs day-to-day assessment delivery.
Security
Security and governance controls built into the workflow.
Impact Assessment embeds access control, auditability, and sign-off directly into assessment delivery so governance is part of the work, not an afterthought.
Role-based access and permission control
Structured sign-off workflows
Audit signals across task and assessment activity
Report snapshots for controlled review
Identity and session controls
Secure access and session handling
Authentication and session behaviour are designed for secure, controlled access.
- Secure session handling using HTTP-only cookies
- Production-ready cookie security attributes
- Central session clearing and control
- Support for password, OAuth2, and passkey-based login
Authorization and permissions
Granular control over who can do what
Access is governed by a combination of user permissions, roles, and plan-based policies.
- Role-based and direct permission models
- Effective permissions resolved across roles and memberships
- Plan-based policy enforcement for feature access
- Route and action-level permission validation
Passkey sign-off
High-assurance sign-off for governance workflows
Impact Assessment supports secure sign-off processes using passkey-based verification.
- Sign-off requires authenticated user and correct permissions
- Verification of signer identity and assignment
- Challenge-response validation with bounded lifetime
- Capture of signature metadata such as timestamp and context
Auditability and review controls
Traceable activity across the assessment lifecycle
The platform generates audit signals as work progresses, supporting governance and review processes.
- Audit events generated during task and workflow activity
- Notifications linked to key events such as sign-off
- Report snapshots with versioning for controlled review
- Outputs derived directly from completed work
Governance-aligned reporting
Outputs designed for review and assurance
Reports are generated from live assessment data and aligned to governance expectations.
- Snapshot-based report versions
- Template-aware report generation
- Consistent structure across outputs
- Alignment between completed work and reported outcomes
Procurement security pack
Security material for procurement and assurance review.
Download the procurement security pack for a structured overview of access controls, governance workflows, reporting controls, and review-readiness details typically requested during assessment and onboarding.
Security review and deployment
Engage early for security and deployment discussions.
Security, deployment, and operating model discussions are handled as part of onboarding. For organisations in Australia, these conversations are led by Beacon & Stone as the delivery partner.