Capabilities
What the Zebsoft platform does
Zebsoft Productivity Systems Limited uses Capabilities to perform work, generate evidence, and maintain control across the organisation.
Capabilities are the functional engines of the system. They are not tied to a single standard, department, or Domain. Instead, they are shared across the platform and applied wherever governance is required.
This page explains what Capabilities are, how they work, and why they are central to how Zebsoft operates.
What a Capability Is
A Capability is a system function.
It:
- Performs structured work
- Captures evidence as that work happens
- Maintains traceability between actions, risks, and outcomes
Capabilities answer the question:
“How is governance actually carried out and evidenced?”
They are reusable, consistent, and designed to support multiple Domains and standards without duplication.
Why Capabilities Matter
In many systems, functionality is duplicated across departments or standards — separate audits, separate risk registers, separate document stores.
Capabilities eliminate this by:
- Providing one consistent way to perform a task
- Allowing evidence to be shared across Domains
- Maintaining a single source of truth
- Reducing duplication and administrative effort
This is what enables integrated management systems to function properly.
How Capabilities Work with Domains and Modules
Capabilities do not operate in isolation.
- Domains define where governance applies
- Capabilities define what work is done
- Modules apply a Capability within a specific Domain or context
For example:
- One Audit Capability can support Health & Safety, Information Security, and Environmental governance
- One Risk Capability can underpin multiple standards and obligations
- One Document Control Capability can serve the entire organisation
This structure allows the system to scale without fragmentation.
Core Zebsoft Capabilities
Zebsoft includes a range of Capabilities that can be applied across Domains.
Audit
Plan, conduct, and record audits in a structured and repeatable way.
Supports:
- Internal and external audits
- Findings, actions, and follow-up
- Evidence capture and traceability
Risk
Identify, assess, and manage risk in context.
Supports:
- Risk registers
- Impact and likelihood analysis
- Links between risk, controls, and actions
Document Control
Create, manage, and govern documented information.
Supports:
- Policies, procedures, and records
- Version control and approval
- Controlled access and visibility
Incident Management
Record, investigate, and resolve incidents and non-conformances.
Supports:
- Incident reporting
- Root cause analysis
- Corrective and preventive actions
Change Management
Control changes to processes, systems, and operations.
Supports:
- Change requests and approvals
- Impact assessment
- Traceable decision-making
Training & Competency
Manage skills, training, and competence requirements.
Supports:
- Role-based competency requirements
- Training records and certification
- Visibility of gaps and obligations
Business Continuity
Plan for disruption and maintain operational resilience.
Supports:
- Contingency planning
- Business impact analysis
- Preparedness and response evidence
Capabilities and Evidence
Capabilities are designed to generate evidence by default.
Every action, decision, and record is:
- Time-stamped
- Attributed to a user
- Linked to its context
This creates a continuous audit trail without additional administrative burden.
Capabilities and Shield Levels
The availability and depth of Capabilities depend on the Shield Level in use.
- Foundation provides core Capabilities
- Growth unlocks advanced control and automation
- Enterprise extends Capabilities across external Portals
The Capability model itself remains consistent at every level.