Record Retention & Audit Evidence
Supports evidence-collection workflows informed by NIST AI RMF, ISO/IEC 42001, and SOC 2 Type II with an RBAC configuration point, privacy filtering, secret DLP, citation checks, a configurable human-oversight point, and audit policy events; platform retention remains a separate configuration.
This template is a configurable starting point and control mapping. It is not certification, legal advice, or a guarantee of compliance; validate it against your obligations and environment before use.
Global
3 references
4 mapped domains
Regulated SaaS, Private Cloud
Referenced Frameworks, Standards & Obligations
Mapped Control Domains
Deployment profiles
Get started in 3 steps
Open the template
Open the catalog entry in the Keeptrusts console and review its included controls, references, and deployment metadata.
Adapt the configuration
Use the template as a starting point, then adjust relevant policies, thresholds, routing, and review settings for your requirements.
Validate before rollout
Test every outcome you configure—such as allow, redact, block, or operator review—before deploying through a supported gateway workflow.
More Governance & Operations templates
Third-Party AI Risk
Third-party AI controls for vendor evidence, protected data, citation checks, a configurable human-oversight point, and traceability.
Model Governance Registry
Model-registry controls for governed records, citation checks, a configurable human-oversight point, and auditability.
AI Disclosure & Transparency
AI-disclosure controls for protected data, citation checks, a configurable human-oversight point, and transparency evidence.