Trust & Security

Last updated: June 1, 2026

Beil Audit handles regulated financial data. Security is engineered into the platform from the database up.

Identity & access

  • Email/password and OAuth sign-in with leaked-password protection (Have I Been Pwned, HIBP).
  • Role-based access control: Admin, CFO, Internal Audit, External Auditor (read-only).
  • Per-device and global sign-out controls in user settings.

Data protection

  • TLS 1.2+ in transit; encryption at rest for database and object storage.
  • Row-level security on every customer-data table; service-role keys are server-only.
  • Evidence exports are SHA-256 hashed and logged for chain-of-custody.

Audit integrity

  • Closed audit flags are immutable (AS 1215); only admins may reopen, and the action is logged.
  • Compliance rules are versioned — every flag references the rule version that produced it.

Responsible disclosure

Report vulnerabilities to security@beilaudit.com. We acknowledge within 2 business days and do not pursue good-faith researchers.

Compliance roadmap

SOC 2 Type II in progress. PCAOB-standard alignment validated against AS 1105, 1215, 2201, 2401, ASC 606, and ASC 842.