Included
Public product status, public trust statements, public connector truth, and public company attestations repeated on the site.
Public evidence register
Key public claims, with source and verification path.
This register is limited to public website truth and existing public attestations. It is not a customer-specific diligence pack and does not claim more than the public site can support today.
Scope of this register
Each row answers three questions: what the claim is, which public surface supports it, and how a buyer can verify it.
Not included
Private customer reports, unpublished roadmap promises, internal implementation details, and deployment-specific runtime data not exposed on public pages.
How to use it
Treat it as a website truth index. If a claim matters to procurement, use the verification link before repeating it externally.
Standard of proof on this page
This register only points to public surfaces a buyer can inspect directly from the website.
Good enough for this register
A public page with clear wording, a public attestation repeated on the site, or a published public maturity label.
Not good enough for this register
Private calls, unpublished internal notes, source code that is not part of the public website surface, or broad inference from adjacent capability.
Why the bar is narrow
A narrow bar reduces the risk of accidental overstatement and gives enterprise buyers a cleaner verification trail.
Product boundary
These rows are limited to public, inspectable support.
Public page
Claim
IdentityFirst MRI is the public starting point. IdentityFirst Core is controlled rollout. IdentityFirst Enhanced and IdentityFirst AISF remain private beta.
Evidence source
The public product status page.
Verification path
Open the product status page and inspect the public stage labels shown for each product.
Operating boundary
These rows are limited to public, inspectable support.
Public page
Claim
Assessment-led engagements start read-only so IdentityFirst can show value without changing production systems first.
Evidence source
The public trust page and the public product status page.
Verification path
Inspect the read-only guarantee wording on the trust page and the summary wording on the product status page.
Public page
Claim
Where write-capable workflows exist in higher tiers, they require explicit human approval. No autonomous remediation claim is made in public website copy.
Evidence source
The public trust page and the public about page.
Connector truth
These rows are limited to public, inspectable support.
Public page
Claim
The public connector catalog is published with explicit maturity counts: 5 GA, 9 beta, and 55 experimental.
Evidence source
The public integrations page.
Verification path
Open the integrations page and inspect the published maturity counts and connector labels directly.
Reporting boundary
These rows are limited to public, inspectable support.
Public page
Claim
MRI reporting is publicly described as cross-referencing findings to ISO 27001, SOC 2, NIST CSF, CIS Controls, DORA, and NIS2.
Evidence source
The public GRC page.
Verification path
Review the GRC page wording. The public claim is cross-reference support, not certification or guaranteed audit outcome.
Public attestation
These rows are limited to public, inspectable support.
Public certification statement
Claim
IdentityFirst publicly states that it is Cyber Essentials Certified.
Evidence source
The trust page and the site footer.
Verification path
Check the certification statement shown on the trust page and repeated in the footer.
Public registration statement
Claim
IdentityFirst publicly states that it is ICO Registered under reference ZC031428.
Evidence source
The trust page and the site footer.
Verification path
Check the ICO reference on the trust page and confirm the same reference appears in the footer legal line.
Programme status
These rows are limited to public, inspectable support.
Public programme status statement
Claim
IdentityFirst publicly states that the SOC 2 Type II programme is in progress. It is not presented as completed certification.
Evidence source
The about page and the site footer.
Verification path
Review the about page and footer wording to confirm the status is described as in progress rather than completed.
If a claim is not in the register, do not treat it as public proof.
That is the point of this page. It keeps the website honest, gives enterprise buyers a verification route, and reduces accidental overstatement in live conversations.