Skip to main content

Compliance & Security

Security and compliance documentation for the Equa equity management platform. This section covers access controls, data protection, encryption, audit logging, and incident response procedures.

Documents (8)

DocumentCategoryDescriptionStatusLast Updated
Security ArchitectureOverviewPlatform security posture, threat model, standards (SOC 2, GDPR, SEC)DRAFT2026-02-21
Access Control ModelAccess ControlAuthentication, authorization, RBACDRAFT2026-02-21
Audit Trail DesignMonitoringActivity logging, audit trail, log retentionDRAFT2026-02-21
Data Privacy & GDPRData ProtectionPII handling, GDPR/CCPA compliance, data inventoryDRAFT2026-02-21
Equity Regulatory ComplianceRegulatoryEquity management regulations by jurisdictionDRAFT2026-02-21
Data Retention PolicyData ProtectionData classification, retention schedules, deletionDRAFT2026-02-21
Incident Response PlanIncident ResponseResponse procedures, escalation, communicationDRAFT2026-02-21
SOC 2 PreparationComplianceSOC 2 Type II readiness and trust service criteriaDRAFT2026-02-21

Compliance Frameworks

Documentation in this section is structured to support:
  • SOC 2 Type II — Trust service criteria (security, availability, confidentiality)
  • Internal controls — Equa-specific security policies and procedures
  • Customer due diligence — Information for enterprise customer security reviews

How to Document a Control

  1. Copy templates/compliance-control.md into compliance/.
  2. Assign a Control ID and map to the relevant framework.
  3. Cite implementation evidence from the codebase.
  4. Update this index and README.md when the status changes.