People · Governance

Governance you can hand to the auditor.

Name: People Governance
Brand: Fyboard
Availability: InStock

Read-only access. Versioned rules. Every change carries an actor, a timestamp and an IP — no CSV dumps, no spreadsheets, no surprises.

RBAC matrixAudit-trailedSOC 2 readyRead-only export

Get started Compare to Rippling

Governance · liveAudit-trailed

RBAC · employee scope

RoleRWAE

HR Admin

Manager

Auditor

Recent audit

RP
Updated payroll lock
Reema Patel · 10.4.21.6
10:18
DC
Granted Auditor role
Diego Cruz · 10.4.21.18
09:41
AL
Exported headcount
Ana López · 10.4.21.41
09:02

Read-only exportJSON · CSV · API

100%

Audit-trailed

SOC 2

Ready

The governance gap

Most HR systems weren't built to be audited.

Three patterns repeat across every people platform. They're invisible until the auditor walks in — or the regulator does.

No trail

Salaries change. Roles flip. Records are edited. Auditors find it weeks later — if at all.

Everyone is admin

RBAC is a tab nobody opens. Manager dashboards leak comp data. Permissions sprawl quietly.

CSV-as-audit

Auditors get a spreadsheet dump every quarter. Versioning lives in filenames. Trust erodes.

RBAC matrix

Roles. Capabilities. Scopes.

Permissions modelled per capability bundle, not per page. Scoped roles pin access to direct reports, business units or time windows.

RBAC matrix · employee scope

OnScopedOff

RoleReadWriteApproveExportDelete

HR Admin

Owns lifecycle & policies

Manager

Direct reports only

Finance

Comp & payroll bundle

Auditor

Read-only · time-boxed

Audit log

Every change. Replayable.

Audit events carry actor, IP, timestamp and before/after diffs. Filterable, searchable, exportable — and pinned to the rule version that was live.

Audit timeline · last 6 events100% retention

Before
Carry-forward 5 days
After
Carry-forward 7 days

Approval engine

N-step approvals. Versioned. SLA-bounded.

Approvals modelled per policy, with versioned chains, role fallbacks and SLA breaches surfaced before they cost the business.

Salary change > 10%

Trigger · Comp edit

SLA · ≤ 48h

ManagerHRBPFinanceCHRO

Leave request > 5 days

Trigger · Self-service

SLA · ≤ 24h

ManagerSkip-level

Expense > $1,000

Trigger · Submitted

SLA · ≤ 72h

ManagerFinance

RBAC grant · external

Trigger · Role change

SLA · ≤ 24h

OwnerSecurityCHRO

Data residency

Where the record lives. Who holds the key.

Choose the region. Bring your own key. Keep PII inside the border. People honors residency, sovereignty and key-management without separate SKUs.

Regional residency mapBYOK · CMEK

India

ap-south-1
AES-256 · CMEK
DPDP

Europe

eu-central-1
AES-256 · BYOK
GDPR · Schrems II

United States

us-east-1
AES-256 · CMEK
SOC 2 · CCPA

Singapore

ap-southeast-1
AES-256 · CMEK
PDPA

UAE

me-central-1
AES-256 · BYOK
PDPL

Operator pricing

Governance shouldn't bill per audit. It belongs in the platform.

Most platforms put audit logs, advanced RBAC and data residency on a higher tier. People treats governance as a product primitive — included in every operator seat.

vs Rippling All comparisons

Monthly cost @ 200 employeesYou save

Rippling

$3,500

BambooHR

$1,400

Fyboard People

$129

Governance · ready before the auditor

Trust starts with a trail. People builds it.

RBAC, audit, approvals and residency — every governance lever in one platform, in every plan, on every operator seat.

Start with governance vs Rippling

Audit-trailed
Read-only export
SOC 2 ready

People · Governance

Governance you can hand to the auditor.

Read-only access. Versioned rules. Every change carries an actor, a timestamp and an IP — no CSV dumps, no spreadsheets, no surprises.

RBAC matrixAudit-trailedSOC 2 readyRead-only export

Get started Compare to Rippling

Governance · liveAudit-trailed

RBAC · employee scope

RoleRWAE

HR Admin

Manager

Auditor

Recent audit

RP
Updated payroll lock
Reema Patel · 10.4.21.6
10:18
DC
Granted Auditor role
Diego Cruz · 10.4.21.18
09:41
AL
Exported headcount
Ana López · 10.4.21.41
09:02

Read-only exportJSON · CSV · API

100%

Audit-trailed

SOC 2

Ready

The governance gap

Most HR systems weren't built to be audited.

Three patterns repeat across every people platform. They're invisible until the auditor walks in — or the regulator does.

No trail

Salaries change. Roles flip. Records are edited. Auditors find it weeks later — if at all.

Everyone is admin

RBAC is a tab nobody opens. Manager dashboards leak comp data. Permissions sprawl quietly.

CSV-as-audit

Auditors get a spreadsheet dump every quarter. Versioning lives in filenames. Trust erodes.

RBAC matrix

Roles. Capabilities. Scopes.

Permissions modelled per capability bundle, not per page. Scoped roles pin access to direct reports, business units or time windows.

RBAC matrix · employee scope

OnScopedOff

RoleReadWriteApproveExportDelete

HR Admin

Owns lifecycle & policies

Manager

Direct reports only

Finance

Comp & payroll bundle

Auditor

Read-only · time-boxed

Audit log

Every change. Replayable.

Audit events carry actor, IP, timestamp and before/after diffs. Filterable, searchable, exportable — and pinned to the rule version that was live.

Audit timeline · last 6 events100% retention

Before
Carry-forward 5 days
After
Carry-forward 7 days

Approval engine

N-step approvals. Versioned. SLA-bounded.

Approvals modelled per policy, with versioned chains, role fallbacks and SLA breaches surfaced before they cost the business.

Salary change > 10%

Trigger · Comp edit

SLA · ≤ 48h

ManagerHRBPFinanceCHRO

Leave request > 5 days

Trigger · Self-service

SLA · ≤ 24h

ManagerSkip-level

Expense > $1,000

Trigger · Submitted

SLA · ≤ 72h

ManagerFinance

RBAC grant · external

Trigger · Role change

SLA · ≤ 24h

OwnerSecurityCHRO

Data residency

Where the record lives. Who holds the key.

Choose the region. Bring your own key. Keep PII inside the border. People honors residency, sovereignty and key-management without separate SKUs.

Regional residency mapBYOK · CMEK

India

ap-south-1
AES-256 · CMEK
DPDP

Europe

eu-central-1
AES-256 · BYOK
GDPR · Schrems II

United States

us-east-1
AES-256 · CMEK
SOC 2 · CCPA

Singapore

ap-southeast-1
AES-256 · CMEK
PDPA

UAE

me-central-1
AES-256 · BYOK
PDPL

Operator pricing

Governance shouldn't bill per audit. It belongs in the platform.

Most platforms put audit logs, advanced RBAC and data residency on a higher tier. People treats governance as a product primitive — included in every operator seat.

vs Rippling All comparisons

Monthly cost @ 200 employeesYou save

Rippling

$3,500

BambooHR

$1,400

Fyboard People

$129

Governance · ready before the auditor

Trust starts with a trail. People builds it.

RBAC, audit, approvals and residency — every governance lever in one platform, in every plan, on every operator seat.

Start with governance vs Rippling

Audit-trailed
Read-only export
SOC 2 ready

Contract Lifecycle

Knowledge

Governance

Evaluate

Governance you can hand to the auditor.

Most HR systems weren't built to be audited.

No trail

Everyone is admin

CSV-as-audit

Roles. Capabilities. Scopes.

Every change. Replayable.

N-step approvals. Versioned. SLA-bounded.

Where the record lives. Who holds the key.

Governance shouldn't bill per audit. It belongs in the platform.

Trust starts with a trail. People builds it.

Contract Lifecycle

Knowledge

Governance

Evaluate

Governance you can hand to the auditor.

Most HR systems weren't built to be audited.

No trail

Everyone is admin

CSV-as-audit

Roles. Capabilities. Scopes.

Every change. Replayable.

N-step approvals. Versioned. SLA-bounded.

Where the record lives. Who holds the key.

Governance shouldn't bill per audit. It belongs in the platform.

Trust starts with a trail. People builds it.

Contract Lifecycle

Knowledge

Governance

Evaluate

Governance you can hand to the auditor.

Most HR systems weren't built to be audited.

No trail

Everyone is admin

CSV-as-audit

Roles. Capabilities. Scopes.

Every change. Replayable.

N-step approvals. Versioned. SLA-bounded.

Where the record lives. Who holds the key.

Governance shouldn't bill per audit. It belongs in the platform.

One employee record. Sixteen modules.

Compliance

Analytics

Employee Management

Recruitment

Trust starts with a trail. People builds it.

Contract Lifecycle

Knowledge

Governance

Evaluate

Governance you can hand to the auditor.

Most HR systems weren't built to be audited.

No trail

Everyone is admin

CSV-as-audit

Roles. Capabilities. Scopes.

Every change. Replayable.

N-step approvals. Versioned. SLA-bounded.

Where the record lives. Who holds the key.

Governance shouldn't bill per audit. It belongs in the platform.

One employee record. Sixteen modules.

Compliance

Analytics

Employee Management

Recruitment

Trust starts with a trail. People builds it.