Governance & Audit

An audit log auditors trust.

Append-only, hash-chained, verified daily. Every action across every module is recorded in a tamper-evident log that you can export and an auditor can independently verify.

Request a demo

What you can do

Capabilities

Append-only

Entries are written once and never modified or deleted. The log is a forward-only record of everything that happened.

Hash-chained

Each entry includes a cryptographic hash of the previous entry. Tampering with any record breaks the chain — detectable by anyone with the export.

Daily verification

An automated verifier checks chain integrity daily and exports chain heads. Gaps or breaks trigger alerts.

NDJSON export

Export the full log or any time range as newline-delimited JSON. Feed it into your SIEM, archive, or hand it to the auditor.

Cross-module coverage

Incidents, changes, CMDB edits, permission changes, de-pseudonymization requests, login events — everything is logged.

Configurable retention

Retention periods configurable per tenant. MaRisk-compliant extended retention when that toggle is on.

Compliance relevance

How this connects to regulation

DORA

Tamper-evident evidence for incident timelines, change approvals, and third-party records.

MaRisk

AT 4.3.4 — Extended audit retention meeting MaRisk minimums.

GDPR

Art. 5(1)(f) — Logging of all PII access and de-pseudonymization events.

Related features

Incident & Problem Change & CAB CMDB

Common questions

FAQ

No. The log is append-only by design. Entries cannot be modified or deleted, even by tenant admins.

Export the log as NDJSON. Each entry contains the hash of the previous entry. Recomputing the chain detects any gap or modification.

See ITSMx against your own compliance checklist.

30 minutes. We’ll map it to your DORA / NIS-2 / BAIT obligations.

Request a demo Talk to us