Audit Trail
Immutable logging of every action in AIIA for compliance and accountability.
What Gets Logged
| Category | Events |
|---|---|
| Data Changes | CREATE, UPDATE, DELETE on all entities |
| State Transitions | Engagement, finding, workpaper, report status changes |
| Approvals | Signoff, review, approval, rejection |
| Exports | PDF generation, CSV export, board pack creation |
| AI Actions | Every AI request, response, and user action (Apply/Reject) |
| Authentication | Login, logout, failed attempts |
| Administration | Role changes, user management, config changes |
Event Schema
| Field | Type | Description |
|---|---|---|
| id | int | Event ID (auto-increment) |
| org_id | int | Organization |
| user_id | int | Acting user |
| username | varchar | Username |
| action | varchar | Action type |
| resource_type | varchar | Entity type |
| resource_id | varchar | Entity ID |
| details | json | Before/after values, metadata |
| ip_address | varchar | Client IP |
| created_at | timestamp | UTC timestamp |
Querying Audit Logs
UI
- Navigate to Audit Logs from the sidebar
- Filter by date range, user, action, resource type
- Export filtered results as CSV
API
GET /api/v1/audit-logs?action=CREATE&resource_type=Finding&start_date=2026-01-01
Compliance Uses
| Requirement | How Audit Trail Helps |
|---|---|
| IIA Standard 2330 | Documenting workpaper review history |
| NCA ECC | Proving access control enforcement |
| PDPL | Data access logging for privacy compliance |
| SOX | Change management evidence |
Immutability
Audit log events are:
- Append-only — no UPDATE or DELETE operations allowed
- Timestamped — server-side UTC timestamp
- Identity-verified — user from authenticated JWT
- Retention-protected — exempt from standard cleanup
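
One way to enforce the append-only and server-side-timestamp properties at the database layer, shown as an added example rather than AIIA's own implementation. It assumes SQLite, a hypothetical table name `audit_events`, and hypothetical helpers `open_store`, `log_event`, `try_tamper` and `demo`; the columns come from the Event Schema above.

```python
import json
import sqlite3

# Columns follow the Event Schema above; table name and triggers are assumptions.
SCHEMA = """
CREATE TABLE audit_events (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    org_id INTEGER NOT NULL, user_id INTEGER NOT NULL, username TEXT NOT NULL,
    action TEXT NOT NULL, resource_type TEXT NOT NULL, resource_id TEXT NOT NULL,
    details TEXT NOT NULL,  -- JSON: before/after values, metadata
    ip_address TEXT,
    created_at TEXT NOT NULL DEFAULT (strftime('%Y-%m-%dT%H:%M:%fZ', 'now'))  -- UTC
);
CREATE TRIGGER audit_events_no_update BEFORE UPDATE ON audit_events
BEGIN SELECT RAISE(ABORT, 'audit_events is append-only'); END;
CREATE TRIGGER audit_events_no_delete BEFORE DELETE ON audit_events
BEGIN SELECT RAISE(ABORT, 'audit_events is append-only'); END;
"""

def open_store():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def log_event(conn, claims, action, resource_type, resource_id, details, ip):
    """Append one event. Identity comes from already-verified JWT claims, and
    created_at is never accepted from the caller, so the database sets it."""
    cur = conn.execute(
        "INSERT INTO audit_events (org_id, user_id, username, action,"
        " resource_type, resource_id, details, ip_address) VALUES (?,?,?,?,?,?,?,?)",
        (claims["org_id"], claims["user_id"], claims["username"], action,
         resource_type, str(resource_id), json.dumps(details), ip))
    conn.commit()
    return cur.lastrowid

def try_tamper(conn, sql, params=()):
    """Return the database error raised by a tampering statement, or None."""
    try:
        conn.execute(sql, params)
        conn.commit()
        return None
    except sqlite3.DatabaseError as exc:
        conn.rollback()
        return str(exc)

def demo():
    conn = open_store()
    claims = {"org_id": 1, "user_id": 42, "username": "auditor1"}  # constructed
    eid = log_event(conn, claims, "UPDATE", "Finding", 7,
                    {"before": {"status": "Draft"}, "after": {"status": "Final"}},
                    "192.0.2.10")  # constructed sample event
    upd = try_tamper(conn, "UPDATE audit_events SET username='x' WHERE id=?", (eid,))
    dele = try_tamper(conn, "DELETE FROM audit_events WHERE id=?", (eid,))
    return upd, dele, conn.execute("SELECT COUNT(*) FROM audit_events").fetchone()[0]
```

Triggers block tampering through the application's database connection, but an account that can drop triggers or tables can still bypass them, so the application role should hold only INSERT and SELECT on the audit table.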