ENTERPRISE SECURITY · PUBLIC SECTOR READY

Built to meet public-sector security and procurement requirements

AMP is deployed on Microsoft Azure with M365 / Entra ID SSO, role-based access control, full audit logging, and a security posture aligned to public utility governance standards.

Microsoft Azure Entra ID SSO Role-Based Access Full Audit Trail TLS 1.3 Encrypted OR & WA MBE

Platform Architecture

99.9% SLA

Cloud Hosting

Azure App Service and Azure SQL Database. US-hosted. 99.9% uptime SLA. Azure-managed infrastructure security, patching, and availability.

SSO

Authentication

Microsoft Entra ID (Azure Active Directory) SSO. Your agency's existing M365 credentials. No new passwords. No separate identity system.

Encrypted

Data Layer

Azure SQL Database with encrypted connections. TLS 1.3 in transit. Azure encryption at rest. Database-level access controls aligned to role assignments.

Access Control

Every user sees exactly what their role permits — nothing more.

Agency Administrator

Full platform access, user management, configuration, audit log access.

Program Manager

Full project access within assigned programs, reporting, document management.

Project Team Member

Assigned project access, data entry, workflow participation.

Contractor / Consultant

Scoped access to assigned projects only, no cross-project visibility.

Every action logged — user, timestamp, before/after state, IP address.

Data Governance

Your Data. Your Control.

Data Residency

Your program data is stored in US-based Azure regions. AMP does not transfer data outside the United States.

Data Ownership

Your data remains yours. AMP does not sell, share, or use client program data for any purpose outside service delivery.

Data Portability

Export your data at any time. Full program records, documents, and reports exportable on request.

Retention & Backup

Automated daily backups. Configurable retention periods. Point-in-time recovery available.

Audit & Compliance

Audit-Ready by Design

AMP was built from the ground up for public-sector accountability. Every mutation — cost entry, change order approval, document upload, role change — is logged with user identity, timestamp, and record state.

AMP audit logs are designed to satisfy state audit, federal reimbursement audit, and public records requirements.

Immutable action log Who changed what, when, and from what previous state.

Federal funding documentation trail IIJA, SRF, DWSRF reimbursement-ready audit documentation.

Board-reportable audit evidence Defensible documentation for public agency governance.

Deployment Options

Deploy the way your organization requires

SharePoint Online

AMP Essentials — SharePoint Online SaaS

Runs in AMP's managed Microsoft 365 tenant. Your users authenticate with their existing M365 credentials via Entra ID SSO. No infrastructure management required.

Fully managed Entra ID SSO

Cloud SaaS

AMP Essentials — Cloud SaaS

Modern React + Azure App Service deployment. No SharePoint dependency. Entra ID SSO. Fully managed by AMP.

No SharePoint needed Azure hosted

Self-Hosted

AMP Essentials — Site Templates

Purchase templates, Power Automate flows, and Power BI reports. Deploy in your own M365 tenant. Your infrastructure, your data residency, your IT team in control.

Your tenant Full IT control

Public Agency Procurement

AMP is structured to work with public agency procurement requirements.

OR MBE & ESB certified (Certificate #10297)

WA MBE certified (M5M0028131)

Available for direct procurement, sole-source justification support, or cooperative purchasing

Security documentation available on request

Implementation scopes available for RFP attachment

Pilot program structures available for agencies evaluating PMIS modernization

OR MBE & ESB Certified

Certificate #10297

WA MBE Certified

M5M0028131

Our team works directly with public agency IT, procurement, and legal staff to provide required documentation.

Request Security Documentation →

FAQ

Common Security Questions

Does AMP support multi-factor authentication?

Yes. MFA is enforced through Microsoft Entra ID. AMP relies on your agency's existing M365 MFA policy.

Where is our data stored?

Program data is stored in Azure SQL Database in US-based Azure regions. AMP does not transfer data outside the United States.

Can contractors access our internal program data?

No. Contractor access is scoped to assigned projects only. Cross-project visibility requires explicit administrator grant.

What happens to our data if we stop using AMP?

Your data remains yours. AMP provides a full export of your program records, documents, and reports within 30 days of contract termination.

Is AMP SOC 2 certified?

AMP is building toward SOC 2 Type II certification. Current security controls align to SOC 2 principles. Security documentation is available for agency procurement review on request.

Questions about security or procurement?

Our team works directly with public agency IT, procurement, and legal staff.

Contact Our Team →

Book a Demo