OreLynx trust centre

The Evidence Your Security and Procurement Teams Need

Review security, privacy, reliability, support and shared responsibilities before rollout. Detailed evidence is aligned to the deployment and service scope you select.

Review the Decision by Risk Area

Each area separates the control objective, deployed mechanism, test evidence, accountable owner, known limitations and contractual boundary.

Security

Evaluate identity, authorisation, tenant boundaries, secrets, cryptography, logging, vulnerability handling and incident response.

Review security questions →

Privacy and Data

Identify data categories, roles, locations, transfers, providers, retention, deletion, access paths and customer responsibilities.

Review data questions →

Reliability and Support

Define availability, maintenance, monitoring, backup, recovery, support coverage, escalation and exclusion requirements.

Review service questions →

Minimum Evidence for a Production Decision

  • A dated architecture and data-flow review that matches the selected deployment.
  • Test results for tenant isolation, authorisation, recovery and high-risk failure paths.
  • A current provider, subprocessor, data-location and retention register.
  • Approved service, support, incident, exit and shared-responsibility terms.
  • Named owners for open findings, exceptions and evidence renewal dates.
Share your assurance requirements