Compliance mapping
This page distinguishes controls in current launch scope from roadmap controls that are planned but not yet complete.
| Control domain | Current | Planned |
|---|---|---|
| Access control | Role-scoped product access and tenant-scoped operational workflows. | Expanded enterprise SSO policy controls and additional provisioning automation. |
| Change management | Policy rollout checkpoints, rollback paths, and receipt logging in Axis. | Additional policy approval workflows and broader release-gate automation coverage. |
| Audit evidence | Operational receipts and telemetry metadata for rollout reconstruction. | Expanded evidence export templates aligned to customer compliance workflows. |
| Incident handling | Documented security intake path and triage target windows. | Public status endpoint publication and expanded customer incident communication templates. |
| Formal attestations | No claim of completed certification attestations on this page. | Attestation roadmap items may be published after completion and legal review. |
Current-state controls
- Transit-policy enforcement through Aegis with scoped rollout operations in Axis.
- Operational telemetry and receipts retained for rollout and incident review workflows.
- Documented security disclosure intake channel and triage targets.
Roadmap framing (planned)
- Planned items on this page are not represented as completed attestations.
- Roadmap timing and scope depend on engineering, customer requirements, and legal review.
- Public wording should be updated only when evidence and approvals are available.