Batu Merah

Trust & governance

How we operate a Human-led HSE consultancy supported by a controlled AI Engine.

Operating principle

Every client-facing output — findings, recommendations, corrective actions and reports — is reviewed and approved by a competent HSE professional before it is released. The AI Engine assists with structuring, drafting and analysis. It never issues advice directly to clients.

Controlled deliverables

  • Reports follow a draft → internal review → approval → issue lifecycle.
  • Findings are not visible to clients until shared by a consultant.
  • Internal notes and AI runs are never exposed in client views.
  • Versions are preserved; superseded reports remain auditable.

Evidence-based practice

  • Findings reference the source evidence they rely on.
  • Confidence levels and limitations are stated explicitly.
  • Jurisdiction and high-risk activity prompts trigger explicit caution checks.

Audit trail

Status changes, assignments, approvals, issues and role changes are recorded in immutable audit logs accessible to platform administrators.

Tenant isolation

Client organisations are isolated by row-level security at the database level. Users only see data belonging to their own organisation, except for assigned consultants and platform administrators operating under documented access rules.

Production readiness

The platform is offered for controlled internal demonstration and pilot engagements. Production use is gated on completion of independent security review, manual access-control verification and legal / privacy review for the relevant jurisdiction.