Blogs

If an AI system affects legal, financial, or compliance outcomes, you need to answer: what happened, when, why, and who approved it. This post outlines audit logging and provenance patterns for AWS plus MongoDB based systems.
At minimum:
An audit log should be append only. If something changes, you write a new event.
This reduces risk and simplifies investigations.
References:
MongoDB can store:
Useful features:
References:
Map controls early.
References:
zed in logs, store pointers where possible, and implement deletion workflows that respect legal requirements.
Q: Should we log model prompts and responses? Sometimes yes, but treat them as sensitive. Apply encryption and access controls, and consider redaction.
Internal reference:
Q: How long should we retain audit logs? Retention depends on your domain and policy. Design for configurable retention with legal hold capability.
Q: How do we handle privacy requests? Keep personal data minimi
Q: What should we link to internally? A: Link to relevant solution pages like Computer Vision or Document Intelligence, and only link to published blog URLs on the main domain. Avoid staging links.