Auditor View

The auditor view is read-only.

Implemented:

  • Auditor-safe evidence endpoint.
  • Policy-driven redaction for auditor evidence list/detail reads.
  • Policy-driven redaction for auditor SIEM log search/detail reads.
  • Policy-driven redaction for auditor ticket detail and auditor-visible comments.
  • No mutation or command execution controls in the auditor UI.
  • Evidence includes timestamps, control mappings, linked alert, linked event, and delivery status.
  • Export packages can be requested from Compliance Evidence and downloaded as redacted CSV/PDF artifacts with backend-generated hashes and PDF watermark metadata.

Planned:

  • Auditor review notes.