Governance and auditability

Access, review, and export actions are logged. Access is explicit and attributable.

Auditability

Notifications indicate availability of information. They do not impose response expectations or timelines.

The system remains investigative, not operational.

Audit scope

Audit logs record access, review, export, and administrative events. Logs are retained with provenance metadata sufficient to attribute actions to users and to support post-hoc review.

Audit logs record events; they do not evaluate the correctness of investigative decisions.

Governance model

Access controls, role definitions, and export privileges are configured by the deploying organization. The system enforces configured controls and records policy exceptions; it does not itself set or interpret organizational policy.