Skip to main content

Concepts

This section explains the key concepts behind QAudit: how the platform models data, who can access what, and how compliance evidence is produced.

The pages in this section cover:

  • Organisations and tenants — the two-level identity model: who contracts with QAudit, and how data is partitioned and isolated within that contract.
  • Events — the fundamental unit of data: what an event is, what it contains, and how it flows through the platform.
  • Platform events — events emitted by QAudit itself to record lifecycle and integrity milestones on the chain.
  • KPIs and settlement — how raw events are aggregated into measurable compliance indicators, and what "settlement" means for a KPI period.
  • Evidence packs — the tamper-evident artefacts produced at the end of a KPI period, and the tiers of temporal attestation available.
  • Data sovereignty — where data is stored, who can access it, and what the SecNumCloud perimeter means in practice.
  • Data API (planned) — programmatic access to events, KPIs, and evidence packs.