Trust and accountability

Security is part of the operating model.

Nizam treats access, audit, and workspace boundaries as core infrastructure. Permissions follow the person, the role, the teamspace, and the suite.

Sessions are scoped to Nizam and the workspace boundary, so users see only the institutions and suites they can access.

Publishing, approving, exporting, managing members, and critical actions are capability based, not hidden in copy.

Important changes should answer who changed what, when, why, and what changed across the workspace.

Workspace isolation

Each organization is its own boundary. Roles, invites, sessions, content, files, submissions, and records belong to that workspace.

Drafts, reviews, approvals, publish states, and destructive actions are designed to make changes visible before they affect the institution.

No scattered accessOne permission model for every suite.

Traceable changesAudit trails support accountability.

Role-aware UIThe interface reflects what a user can do.