STD-DAT-001: Data Governance & Audit
1. Context
To ensure the system works as "Court-Proof Evidence". Data is not just state; it is history.
2. The Standard (The Floor)
- [MUST] Immutability Policy:
- Finance/Governance: Records are APPEND-ONLY. Mutations are forbidden. Corrections require a "Reversing Entry".
- Evidence: Photos/Docs uploaded to Cases are WORM (Write Once Read Many).
- [MUST] Tamper-Evident Audit: Critical Actions (as defined in CAP) MUST write to
system_audit_log with actor_id, timestamp, diff, and context.
- [MUST] Legal Hold: The system MUST support a "Legal Hold" flag that prevents deletion (even by retention policies) for specific entities.
3. Best Practices (The Path)
- [SHOULD] Event Sourcing: Prefer storing Events (
MoneyDeposited) over just State (Balance) for complex domains.
- [SHOULD] Retention: Define TTL (Time To Live) for non-critical logs (e.g., 90 days for debug logs, 7 years for financial logs).
5. Version History
| Version |
Date |
Author |
Change |
| 0.1 |
2026-01-25 |
AI |
Draft P0 Standard |
Version History
| Version |
Date |
Author |
Change |
| 0.1.0 |
2026-01-26 |
Antigravity |
Initial Audit & Metadata Injection |