Roles, Access & Separation of Duties
Governance-grade access control for legal work: a ready 14-role matrix, enforced separation of duties, and a tamper-evident audit trail, so every action is authorised and every decision independently reviewed.
14-Role Legal Permission MatrixLive
A ready-made set of 14 named legal-department roles, each carrying exactly the rights it needs, so teams are governed from day one instead of hand-building permissions.
Granular View / Add / Edit / Approve / Close RightsLive
Every action across contracts, cases, investigations, settlements, consultations and requests is governed by fine-grained View, Add, Edit, Approve and Close rights, so each user does only what their role permits.
Restricted Assign & Distribute Work-Allocation RightsLive
Assigning a case to a lawyer or distributing a contract for handling are dedicated, restricted privileges held only by managers and supervisors, so work is allocated by the right authority alone.
Organisational-Structure-Based AccessLive
Permissions can be scoped to the org chart, so a user's rights follow the entities and units they are responsible for and cascade sensibly down the hierarchy.
Enterprise Single Sign-On (SSO)Configurable
Users sign in with their existing corporate identity through the organisation's identity provider, removing separate passwords and centralising joiner and leaver control.
Dynamic Separation of DutiesLive
Whoever drafts or initiates a matter is automatically blocked from approving or closing it, even if their role would allow it, and the rule binds administrators too with no bypass.
Static Role-Conflict ExclusionsLive
Incompatible roles cannot be granted to the same person for the same scope, and no operational role can also be the independent Auditor, so conflicts are stopped at the moment access is granted.
Two-Distinct-Approver (Four-Eyes) EnforcementLive
On multi-step and multi-tier approvals the platform guarantees two genuinely different approvers, so high-value decisions always carry independent review.
Tamper-Resistant Approve & Close TransitionsLive
Sensitive status changes such as approving or closing a matter always demand the specific approve or close right and can never be slipped through a broader general edit permission.
Delegation-of-Authority Signing LimitsConfigurable
Approvals that require formal signing authority are checked against verifiable delegation-of-authority evidence and value limits, so only a properly authorised person can sign off at a given value.
Role-Aware Login & Persona LandingLive
When users sign in they land directly on the workspace built for their role: a command centre for the Legal Director, the service desk for a requester, compliance for an auditor.
Role-Scoped Navigation & Action GatingLive
The sidebar, menus and on-screen action buttons adapt to each user's role, showing only the areas and controls they are entitled to use.
Persona Switcher for Multi-Role UsersLive
Users who legitimately hold more than one legal role can switch between them from a single control, instantly re-scoping their workspace without logging out or holding multiple accounts.
Effective-Permissions Session ContractLive
The application always knows a signed-in user's precise effective permissions, keeping the interface and the enforced rules in step so users never see actions they will later be denied.
Immutable Audit Log of All OperationsLive
Every material action — who did what, to which record, and when — is recorded to an append-only trail that cannot be altered or deleted, giving a complete, trustworthy history.
Data Encryption at Rest & in TransitLive
Sensitive personal and legal information — investigation details, settlement terms, contract parties and payment terms — is encrypted at the application layer and in transit.
Tenant Data IsolationLive
Each organisation's data is strictly isolated at the database level, so one tenant's information can never be reached from another even through a compromised query.
In-Kingdom Data Residency EnforcementConfigurable
The platform can enforce that a tenant's legal data stays within a defined geographic boundary, backing sovereignty commitments with a technical control rather than a policy promise.
Attribute-Based Access RefinementConfigurable
On top of role-based rights, tenants can layer optional attribute rules — for example limiting visibility to a specific department — for finer control where a role alone is too broad.
One-Click Governance Provisioning for New TenantsConfigurable
Standing up a new legal department automatically applies the full governance baseline — the 14-role matrix, separation-of-duties rules, service catalog, working calendar and approval templates — so a new organisation is fully governed from first login.
See this in your own environment
Governance-grade access control for legal work: a ready 14-role matrix, enforced separation of duties, and a tamper-evident audit trail, so every action is authorised and every decision independently reviewed.