Evidence Model

RADAR structures compliance evidence into four layers: traces, findings, control mappings, and export bundles. Each layer is independently reviewable and auditable.

Pipeline Overview#

Evidence PipelineObserve \u2192 Detect \u2192 Map \u2192 Export

ObserveLLM calls \u2022 Tool events

DetectPII \u2022 Policy violations

MapAI Act \u2022 GDPR \u2022 SOC 2

ExportPDF \u2022 SIEM \u2022 Evidence packs

1. Traces#

A trace is a chronological record of material AI activity. Every event — LLM call, tool invocation, policy evaluation, human review — is captured with full context for reconstruction.

Session identity

User, agent, deployment, and correlation IDs that let auditors reconstruct the full context across systems. Every trace belongs to exactly one session.

Timeline

Events are timestamped with nanosecond precision. Types: llm_call, tool_invocation, policy_evaluation, pii_detection, review_action, system_event.

Model context

Model name, system prompt, input/output tokens, temperature, top_p, max_tokens, stop sequences, and response metadata. Captures the exact inference parameters that affected behavior.

Tool activity

Tool name, input arguments, output/result, latency (ms), token cost ($), policy decision (allow/deny/escalate), and correlation to parent event.

Trace JSON structure

json

{
  "trace_id": "trc_8f7d3a1e",
  "session_id": "sess_abc123",
  "agent": "customer-support-v2",
  "framework": "langchain",
  "user_id": "user_456",
  "events": [
    {
      "type": "llm_call",
      "timestamp": "2026-05-04T14:23:11.123456Z",
      "model": "gpt-4o",
      "prompt": "I need a refund",
      "completion": "Let me check your order",
      "tokens_prompt": 45,
      "tokens_completion": 120,
      "latency_ms": 3400,
      "policy_evaluations": [
        {
          "policy": "pii_scan",
          "decision": "pass",
          "findings": []
        }
      ]
    },
    {
      "type": "tool_invocation",
      "timestamp": "2026-05-04T14:23:14.567890Z",
      "tool": "get_order",
      "input": {"order_id": "ORD-789"},
      "output": {"status": "delivered", "amount": 49.99},
      "latency_ms": 1200,
      "decision": "allow"
    }
  ],
  "status": "completed",
  "created_at": "2026-05-04T14:23:11Z"
}

2. Findings#

A finding is a structured observation derived from trace data. Each finding has a type, severity, confidence, and lifecycle state. Findings are more useful than raw logs because each one can be owned, reviewed, remediated, and mapped to a compliance control.

PII Exposure

Detected sensitive data in prompts, tool inputs, or LLM responses. Classified by type (SSN, credit card, email, health data) and confidence level (0.0–1.0). Includes the matched context and character offset.

Policy Violation

Agent action that violated a defined policy: blocked tool access, disallowed domain, cost threshold exceeded, unauthorized data access. Includes the policy rule matched and the action taken (deny, warn, escalate).

Review Required

High-risk action requiring human approval. Tracks escalation path, reviewer assignment, review decision, and time-to-review. Escalated automatically if review SLA is exceeded.

Cost Anomaly

Per-agent or per-session token spend exceeds configured threshold. Includes the threshold, actual spend, time window, and correlated agent/session context.

Loop Detection

Agent entered a behavioral loop: repeated tool calls with identical inputs or outputs exceeding the configured retry limit. Includes the loop pattern detected and termination action.

Missing Review

A high-risk action required human approval but was not reviewed within the required window. Escalated for compliance review with full audit trail.

Finding lifecycle

Each finding progresses through: open → reviewing → remediated → closed. Status transitions are recorded with actor, timestamp, and comment. Auditors can verify that every finding was handled to completion. Findings can be reopened if remediation is incomplete.

3. Control Mapping#

Traces and findings are mapped to compliance controls. This lets legal, security, and compliance teams verify that specific regulatory obligations are met without reading raw technical records. Mappings are configurable per organization and per framework.

EU AI Act Article 12

Record keeping

Traces capture model, prompt, tool calls, decisions, and policy evaluations for each agent session.

EU AI Act Article 13

Transparency

Evidence packs include human-readable explanations of agent decisions, data sources, and control applications.

EU AI Act Article 14

Human oversight

Findings track review status, escalation path, reviewer, approval decision, and time-to-review.

EU AI Act Article 15

Accuracy

Anomaly findings capture cost spikes, loop detection, unexpected tool access, and policy drift.

GDPR Article 5

Data minimization

PII findings identify sensitive data exposure in prompts/outputs with retention controls and deletion support.

GDPR Article 32

Security of processing

Encryption at rest and in transit. Access controls. Audit logging. Incident detection.

SOC 2 CC6

Logical and physical access

Session identity, tool access logs, policy enforcement records mapped to access control evidence.

SOC 2 CC7

System operations

Monitoring, anomaly detection, incident escalation, and review workflows captured as findings.

HIPAA 164.312(a)

Access control

User authentication, session attribution, and tool-level access authorization.

HIPAA 164.312(b)

Audit controls

Chronological records of all ePHI access by agents with user attribution and tool context.

Available Evidence Packs#

Article 14 Evidence

JSON / HTML / PDF·EU AI Act

DPIA (Data Protection Impact Assessment)

JSON / HTML / PDF·GDPR

HIPAA Risk Assessment

JSON / HTML / PDF·HIPAA

SOC 2 Trust Services Criteria

JSON / HTML / PDF·SOC 2

ISO 42001 AIMS

JSON / HTML / PDF·ISO 42001

5. Export Bundles#

Evidence Pack

agent-session-7f42 · customer-support

Pack ID

EP-2026-05-03-001

Generated2026-05-03T14:23:11Z

ScopeLast 24 hours

Ready for review

Pack Summary

Session	Policy Set	Sensitive Data	Retention
7f42-2026-05-03	EU-AI-ACT / GDPR / SOC2	3 findings · 0 unresolved	Local · 365 days · signed

Event Timeline

Timestamp	Type	Detail	Status
14:23:01.042	llm_call	gpt-4 · customer-support-agent	pass
14:23:01.847	tool_call	crm_lookup · account-7f42	pass
14:23:02.156	pii_check	email, account_id in prompt context	warn
14:23:02.891	policy_check	transparency · record-keeping	pass
14:23:03.112	llm_response	gpt-4 · completion · 312 tokens	pass

5 events · 3.1s total duration

Findings Register

PII-2026-05-03-001· Finding

Resolved

Email address and account identifier detected in prompt context for session 7f42. Both values were masked before export. No unresolved exposure.

Severity: MediumDetected: 14:23:02.156Control: access-control-7.2

Control Mappings

Framework	Article	Control	Finding
EU AI Act	Art. 13	Transparency	Trace record
EU AI Act	Art. 14	Human Oversight	Review queue
GDPR	Art. 5	Data minimization	PII mask
SOC 2	CC6.1	Access control	Tool audit

Digital Signature

SHA-256: a1b2c3d4e5f6...7890abcdef

Signed: RADAR/1.0 · 2026-05-03T14:23:11Z

Classification

Confidential — Regulator-Only

Pack EP-2026-05-03-001 · Page 1 of 1

An export bundle packages traces, findings, control mappings, and retention proof into a single deliverable. Bundles are the primary artifact for audit requests, security reviews, procurement files, and regulator responses.

Formats

JSON for programmatic ingestion. HTML with navigation for human review. PDF with cover page and table of contents for regulator submission. Parquet for data warehouse import.

Scope selection

Filter by time range, agent, user, finding type, control framework, severity level, or session ID. Combine filters for precise audit packages.

Retention proof

Each export includes SHA-256 hashes of all records and a signed attestation that records have not been modified since capture. Usable as evidence of data integrity.

SIEM forwarding

Configure continuous forwarding to Splunk HEC, Microsoft Sentinel, or generic syslog. Events are structured with consistent schema for correlation.

bash

# Generate an evidence pack
docker exec radar radar pack --last 7d \
  --include-controls \
  --include-retention-proof \
  --format pdf \
  --output /data/audit-pack-q2-2026.pdf

# Export raw evidence for SIEM
docker exec radar radar export --since "2026-04-01" \
  --until "2026-05-01" \
  --format parquet \
  --output /data/evidence-q2-2026.parquet

# List available packs
docker exec radar radar pack list
# pack_abc | Q2 2026 Audit | 2026-05-04 | PDF | 12.4 MB | 3,247 traces