Cabinet-grade security. Sovereign by design.
The platform is engineered around Government policy, the principle of least privilege, and provable accountability , at every layer, from identity through encryption to data residency.
Identity & Access
Role-based access control with multi-factor authentication, granular per-document permissions, and delegated authority appropriate to Cabinet sensitivity.
Audit & Accountability
Comprehensive, tamper-resistant audit logs for user access, workflow actions, document activity, approvals and administrative changes , attributable, time-stamped and exportable.
Data Protection Baseline
Data protected in transit and at rest using approved cryptographic controls. Defence against unauthorised access, alteration, disclosure and loss.
Penetration Testing & VA
Pre-production vulnerability assessment and penetration testing covering application, interfaces, authentication controls, administrative functions and supporting infrastructure.
Encryption Key Management
Keys protecting Government data remain under GoSVG control or a Government-approved arrangement. The Supplier has zero access to production encryption keys unless expressly approved in writing.
Data Sovereignty & Residency
Cabinet data residency, processing locations and recovery sites operate within Government-approved boundaries, fully aligned with GoSVG policy.
Universal access, no client install
The platform is compatible with Google Chrome, Safari, Firefox and Microsoft Edge, and provides a fully responsive interface that functions on tablets and smartphones through the browser , without requiring a separate native mobile application for core functionality.
The preferred Government technology stack will be confirmed at the Pre-Bid meeting.