Developer portal
Compliance status
A transparent view of what is in place now and what remains on the roadmap.
Last updated: 2026-06-09
Current assurance status
Qtangl maintains a documented security program with policy, access control, logging, and operational procedures. Enterprise trust artifacts are available during procurement and security review cycles.
SOC 2 and external testing
- SOC 2 control implementation and evidence collection are active internal workstreams.
- Independent penetration testing is planned on a recurring cadence for production deployments.
- Critical findings from internal or external tests are tracked through remediation SLAs.
Framework mapping coverage
| Field | Type | Required | Description |
|---|---|---|---|
| SOC 2 CC series | in progress | Yes | Controls are being documented and operationalized; no active certification claim is made. |
| ISO 27001 style controls | partial mapping | Yes | Selected controls are mapped internally for policy and evidence organization. |
| NIST CSF functions | reference mapping | Yes | Program-level controls are tagged to identify, protect, detect, respond, and recover functions. |
| CAIQ/SIG responses | available under NDA | Yes | Questionnaire responses can be shared during enterprise diligence under appropriate agreements. |
How to request evidence
Enterprise customers can request current policy summaries, architecture documentation, and testing statements through the support channel. Some artifacts require NDA or commercial status before release.
See also data residency and incident response.
Found an issue? Report documentation feedback