Ask AwraIQ about features, pricing, onboarding, login, integrations, security, demos, mobile apps, automation, reports, or support.
AWRA OpsHub
Loading workspace...
Use this public status center to review AWRA OpsHub’s security, privacy, audit, retention, and governance posture before procurement, legal, or internal risk review.
Last Reviewed
June 6, 2026
Public Posture
Available
Review Mode
Evidence-led
Control Coverage
The status below describes product and operational controls available in AWRA OpsHub. It is not a certification claim; formal contract terms remain governed by the applicable customer agreement.
Application records, reports, audit logs, and security views are scoped by organization context.
MFA setup, recovery code rotation, privileged MFA enforcement, and login activity monitoring are active controls.
Security, file upload, deleted-record, impersonation, retention, and privacy events are captured for review.
Organization retention policies prune eligible records and write purge evidence into audit history.
Organization admins can export user personal data and perform audited erasure/anonymization workflows.
Webhook endpoints use throttling and continue to rely on signature and organization isolation tests.
Sensitive uploads validate detected MIME type, store private files, randomize names, and write upload audit records.
Trust center documents, DPA overview, SLA summary, and security whitepaper are public.
Assessor View
Compliance reviewers usually need to map controls to owners and evidence. This matrix gives teams a quick starting point before requesting deeper documentation.
| Area | Controls | Evidence | Owner |
|---|---|---|---|
| Access control | Roles, permissions, plan gates, admin policies | Audit logs, login activity, device trust, impersonation records | Security / Organization admins |
| Data protection | Organization boundaries, private disks, encrypted MFA secrets, upload validation | File upload logs, security tests, DPA overview | Platform engineering |
| Privacy rights | User export, erasure/anonymization, token/session revocation | Privacy audit events, GDPR export payloads | Organization admins / Support |
| Retention | Organization retention policies, scheduled prune command, dry-run reporting | Compliance audit record with cutoff and affected rows | Compliance / Platform ops |
| Operational monitoring | Status page, scheduler heartbeat, health checks, system logs | Status board, service health, system log retention | Operations |
| Procurement review | Public trust resources, legal references, evidence packs | Trust Center, DPA, SLA, Security Whitepaper | Commercial / Legal |
Privacy & Evidence
AWRA supports evidence-based reviews through audit logs, compliance evidence packs, data retention policies, login activity monitoring, device trust controls, and GDPR export/erasure workflows.
Architecture, access control, encryption, operational hardening, and secure delivery practices.
Controller and processor responsibilities, subprocessor governance, and transfer safeguards.
Availability commitments, incident lifecycle, support paths, and service continuity expectations.
A single hub for privacy, security, reliability, compliance, and procurement review resources.
Data Rights Workflow
The user export and erasure path is designed for organization admins handling subject requests inside operational systems where records, approvals, and financial history still need integrity.
01
Find the organization user subject and confirm the request belongs to the correct organization context.
02
Generate a structured personal-data export that excludes secrets and includes profile, assignments, devices, and audit activity.
03
Anonymize identifiers, revoke access, remove role assignments, soft-delete the account, and preserve operational integrity.
04
Write a privacy audit event with actor, target, organization, request, and hashed original identifiers.
Review Readiness
MFA and recovery-code rotation are implemented.
Privileged accounts cannot bypass recommended MFA.
Login activity and failed known-account attempts are monitored.
File uploads are audited for sensitive private workflows.
Deleted organization records write delete audit coverage.
Retention purges produce system compliance evidence.
GDPR export and erasure workflows are available for organization users.
Public trust, DPA, SLA, and security resources are published.
Data Rights
Organization user personal-data export and audited erasure/anonymization support internal privacy operations.
Evidence
Sensitive changes, purge evidence, file uploads, deleted records, and authentication events are reviewable.
Governance
Security controls are maintained as part of ongoing product hardening, release review, and operational monitoring.
Send your review checklist and the team can help map AWRA controls, public resources, and customer-specific contractual needs.