Immutable Audit Log
An append-only record of every AI decision that cannot be modified, deleted, or altered after the fact — providing tamper-proof evidence for audit and regulatory purposes.
What it means
An immutable audit log records events in a way that ensures they cannot be altered after being written. In standard database tables, records can be updated or deleted — making them unsuitable for audit purposes where the integrity of the record must be guaranteed. Immutable logs use append-only storage and often employ cryptographic techniques (hash chains, write-once storage) to make tampering detectable or impossible.
For AI decision audit logs, immutability means that once a decision record is written — with its context payload, policy version, actor identity, and outcome — that record cannot be changed to show a different outcome, attribute the decision to a different actor, or alter the context that led to the decision.
Immutable audit logs are a requirement in many regulatory frameworks: SOX requires immutable records for financial controls, HIPAA requires audit logs for healthcare data access, and the EU AI Act requires records for high-risk AI decisions.
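The hash-chain technique mentioned above, shown as an added example (it is not Corules' code and not from the original page): each record stores the hash of its predecessor, so editing, deleting, or truncating records breaks verification. The record fields follow the decision record described above; the function names and sample values are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # prev_hash used by the first record

def digest(obj) -> str:
    # Canonical JSON (sorted keys, fixed separators) so equal content always hashes equally.
    data = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def append(log, correlation_id, actor, policy_version, outcome, context):
    """Append a decision record that commits to the previous record's hash."""
    body = {
        "seq": len(log),
        "correlation_id": correlation_id,
        "actor": actor,
        "policy_version": policy_version,
        "outcome": outcome,
        "context_hash": digest(context),  # content hash of the context payload
        "prev_hash": log[-1]["record_hash"] if log else GENESIS,
    }
    log.append({**body, "record_hash": digest(body)})
    return log[-1]["record_hash"]  # head hash, to be kept outside the log store

def verify(log, trusted_head):
    """Return None if the chain is intact, else the index of the first bad record
    (len(log) means the records are self-consistent but the head does not match)."""
    prev = GENESIS
    for i, rec in enumerate(log):
        body = {k: v for k, v in rec.items() if k != "record_hash"}
        if rec["seq"] != i or rec["prev_hash"] != prev or digest(body) != rec["record_hash"]:
            return i
        prev = rec["record_hash"]
    return None if prev == trusted_head else len(log)

def context_matches(record, context) -> bool:
    """Check that a presented context payload is the one the decision was made on."""
    return record["context_hash"] == digest(context)

def build_sample():
    """Constructed sample decisions (not real data)."""
    log = []
    append(log, "c-1", "agent-7", "v3", "approved", {"deal_id": "D-1001", "discount_pct": 12})
    append(log, "c-2", "agent-7", "v3", "denied", {"deal_id": "D-1002", "discount_pct": 40})
    head = append(log, "c-3", "agent-9", "v4", "escalated", {"deal_id": "D-1003", "discount_pct": 25})
    return log, head
```

A hash chain only makes tampering detectable if the head hash is stored where whoever can write the log cannot also rewrite it; otherwise the whole chain can be recomputed after an edit.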
Why enterprise executives need to understand this
CISOs and compliance officers require immutable audit logs because mutable records cannot satisfy regulatory requirements for audit defensibility. If an AI system's decisions can be retroactively altered in any way, auditors cannot rely on the records to verify compliance. Immutability is the foundation of audit-grade evidence — without it, the audit log is merely advisory.
How Corules implements this
Corules writes every decision to an append-only audit ledger. Records include a content hash of the context payload, enabling verification that the stored context matches the actual input. The ledger supports configurable retention (30 days on Free, 1 year on Growth, unlimited on Enterprise) and full export for long-term archival. Records are queryable by correlation_id, actor, policy version, outcome, and time range.
Frequently Asked Questions
Is an immutable audit log enough for SOX compliance?
SOX compliance for AI-driven decisions requires more than logging — it requires that the decisions themselves were made under appropriate controls (separation of duties, approval thresholds), that those controls are enforced deterministically, and that the records prove it. Corules addresses all three: enforcement controls, deterministic evaluation, and immutable records.