Security and Trust — R.I.C.H.O.
Securitybydesign.Onlyverifiedstatements.
R.I.C.H.O. security documentation uses only accurate, verifiable language. We do not claim certifications we do not hold, compliance we have not verified, or audits that have not occurred. Where controls are planned or in development, they are labelled as such.
Security Principles
Six security principles.
Security is architectural in R.I.C.H.O. — not a layer applied after the fact. These principles guide every design decision.
Security by design
Security controls are architectural — not applied after the fact. Every component is designed with explicit security boundaries.
Least-privilege access
Every identity, role, and integration operates with the minimum permissions required. No implicit elevation.
Continuous observability
All system events, access attempts, and state transitions are logged, monitored, and available for audit.
Explicit failure modes
Failure modes are documented and tested. The system fails safely — not silently.
Environment separation
Development, staging, and production environments are strictly separated with independent access controls.
Continuity and resilience
Backup, recovery, and continuity procedures are documented, tested, and available for review.
Trust Architecture
Ten trust layers.
The R.I.C.H.O. trust model is structured across ten layers — from identity verification to continuity and resilience.
Identity
MFA-enforced identity verification. All access is attributed to a verified identity.
Access Control
Role-based, context-aware access control with explicit permission grants and audit logging.
Decision Rights
Authority boundaries encoded structurally. No permission escalation without explicit human approval.
Data Handling
Data classification, handling requirements, and retention policies applied at ingestion.
Evidence Custody
Tamper-evident evidence records with chain-of-custody documentation for all governed workflows.
Auditability
Complete, attributed audit trails for all system events, decisions, and state transitions.
Test Assurance
Acceptance criteria and test requirements for all governed outputs before human review.
Human Review
Mandatory human review gates for all consequential decisions and external actions.
External-Action Gating
No external action without explicit human authorisation. The system stages; humans act.
Continuity and Resilience
Documented backup, recovery, and continuity procedures with tested restoration capability.
Security Controls
Controls and current status.
Each control is listed with its current implementation status. We use accurate language — not marketing language.
HTTPS everywhere
All communications encrypted in transit. HSTS enforced.
Secure headers
Content Security Policy, X-Frame-Options, and other security headers configured.
Rate limiting
API and form rate limiting to prevent abuse and denial-of-service.
Input validation
Server-side input validation and output encoding for all user-supplied data.
CSRF protection
Cross-site request forgery protection on all state-changing operations.
MFA
Multi-factor authentication required for all privileged access.
Dependency scanning
Automated dependency vulnerability scanning in the development pipeline.
Secret management
Secrets managed via dedicated secret management — not exposed in code or configuration.
Encryption at rest
All stored data encrypted at rest using current-generation encryption standards.
Logging and monitoring
Comprehensive security logging with alerting for anomalous events.
Vulnerability reporting
Responsible disclosure contact available. See security contact below.
Independent security review
Independent security review has not yet been completed. Planned for future evaluation phases.
SOC 2 / ISO 27001
Certification has not yet been completed. Not claimed until independently verified.
Penetration testing
External penetration testing planned. Results will be available to qualified evaluators under NDA.
Interactive Tool
Security Posture Checker
Check which security controls your organisation currently has in place and see your posture score.
Check each control your organisation currently has in place. This is a self-assessment — not a formal audit.
Responsible Use
What R.I.C.H.O. will not do.
These constraints are structural — not advisory. They are encoded into the system's authority model and cannot be overridden by instruction.
R.I.C.H.O. will not independently make legally binding commitments.
R.I.C.H.O. will not independently spend money.
R.I.C.H.O. will not sign agreements.
R.I.C.H.O. will not publish externally without approval.
R.I.C.H.O. will not contact buyers or authorities without approval.
R.I.C.H.O. will not accept legal, financial, security, or deployment risk on behalf of an organisation.
R.I.C.H.O. will not fabricate evidence or claim verification that has not occurred.
Security questions for your evaluation.
Request a structured evaluation to review R.I.C.H.O. security architecture, controls, and governance against your organisation's requirements.
Security documentation is available under controlled access for qualified evaluators.