/

Monitor: AI Activity Tracing & Telemetry

/

Inadequate AI Audit Trails

7.4

.

Inadequate AI Audit Trails

sail

7.4

Risk

Inadequate AI Audit Trails

Description

Audit trails are incomplete, inconsistent, or lack the fidelity needed for investigations, compliance, or forensics.

Example

Audit trail cannot demonstrate model's decision path during legal dispute.

Assets Affected

App Usage log

Model files

Mitigation

Ensure logs are comprehensive, tamper-evident, time-synced, and retained as per policy
Regularly review and test audit trails

Standards Mapping

ISO 42001: A.6.2.8, A.8.5
NIST AI RMF: GOVERN 4.2, MEASURE 3.1
DASF v2: RAW DATA 1.10