> ## Documentation Index > Fetch the complete documentation index at: https://docs.manthan.systems/llms.txt > Use this file to discover all available pages before exploring further. # Runtime Audit > Audit records, execution evidence, verification history, and execution integrity proofs ## Overview Parmana produces auditable evidence for every stage of policy enforcement. Audit records allow organizations to answer: * What decision was made? * Which policy produced the decision? * Which verified signals were evaluated? * Was an override applied? * Was the action executed? * Did execution match authorization? * Can the evidence be independently verified? ```text theme={null} Verified Signals ↓ Policy Evaluation ↓ Attestation ↓ Override (optional) ↓ Execution ↓ Execution Integrity Proof ↓ Verification ``` *** ## Why Audit Matters Policies are only useful if organizations can demonstrate that they were enforced. Parmana creates evidence that can be inspected later by: * Auditors * Compliance teams * Security teams * Risk teams * Regulators * Customers *** ## Core Principle Parmana records evidence instead of requiring trust. ```text theme={null} Action ↓ Evidence ↓ Verification ``` Every important step produces verifiable records. *** ## Audit Lifecycle ```text theme={null} Customer Request ↓ Verified Signals ↓ Policy Evaluation ↓ Attestation ↓ Override (optional) ↓ Execution ↓ Execution Integrity Proof ↓ Verification ``` Each step contributes evidence to the audit trail. *** ## Evaluation Records Policy evaluations generate signed attestations. Example: ```json theme={null} { "executionId": "claim-001", "policyId": "claims-approval", "policyVersion": "1.0.0", "decision": { "status": "decided", "outcome": { "action": "approve", "requires_override": false } }, "signature": "..." } ``` The attestation becomes the primary authorization record. *** ## Override Records When a policy requires escalation: ```json theme={null} { "status": "pending_override", "requires_override": true } ``` Parmana records: * Approver identity * Approver role * Approval reason * Override signature Example: ```json theme={null} { "approvedBy": "manager", "approverRole": "manager", "reason": "manual review completed" } ``` Overrides never replace the original policy decision. Both records remain available for audit. *** ## Execution Integrity Proofs After execution, organizations can confirm what actually occurred. ```text theme={null} Attestation ↓ Execution ↓ Confirm Execution ↓ Execution Integrity Proof ``` Example: ```json theme={null} { "match": true, "verified": true, "execution_state": "completed" } ``` Execution Integrity Proofs demonstrate: * What was authorized * What was executed * Whether they matched *** ## Verification Records Verification produces independent evidence that an attestation is valid. Verification checks: * Signature validity * Runtime compatibility * Schema compatibility * Provenance integrity * Release integrity Example: ```json theme={null} { "valid": true, "signatureVerified": true, "runtimeVerified": true, "schemaCompatible": true } ``` *** ## Provenance Records Every attestation includes provenance metadata. Example: ```json theme={null} { "provenance": { "provenanceVersion": "PARMANA_PROVENANCE_V1", "bundleHash": "...", "manifestHash": "...", "trustRootVersion": "1.0.0", "signerKeyId": "parmanasystems-root-2026" } } ``` Provenance links decisions to: * Runtime artifacts * Release manifests * Trust roots * Signing infrastructure *** ## Evidence Categories ### Authorization Evidence Produced by: ```text theme={null} POST /evaluate ``` Includes: * Policy decision * Signals fingerprint * Attestation signature *** ### Override Evidence Produced by: ```text theme={null} POST /override ``` Includes: * Human approval * Role * Reason * Override signature *** ### Execution Evidence Produced by: ```text theme={null} POST /confirm-execution ``` Includes: * Authorized action * Executed action * Match analysis * Integrity proof *** ### Verification Evidence Produced by: ```text theme={null} POST /verify ``` Includes: * Verification outcome * Trust chain validation * Provenance validation *** ## Audit Database When audit persistence is enabled, Parmana stores audit records for operational and compliance purposes. Typical records include: ```text theme={null} Decisions Overrides Verifications Execution Confirmations ``` Audit persistence is optional. Cryptographic evidence remains portable even without a database. *** ## Portable Evidence Parmana evidence can be stored independently. Examples: ```text theme={null} Object Storage Archive Systems Compliance Platforms SIEM Systems Regulatory Archives ``` Evidence remains verifiable outside the original runtime. *** ## Example Audit Trail ```text theme={null} Customer submits request ↓ Policy evaluated ↓ Attestation issued ↓ Override approved ↓ Action executed ↓ Execution confirmed ↓ Verification performed ``` Result: ```text theme={null} Complete Authority Trail ``` *** ## Independent Audit An auditor should be able to answer: ```text theme={null} Which policy was evaluated? Which signals were used? Who approved the override? What action was executed? Did execution match authorization? Can the evidence be verified? ``` without trusting the original runtime. *** ## Authority Trail Parmana records the complete authority chain. ```text theme={null} Verified Facts ↓ Policy Evaluation ↓ Decision ↓ Human Override (optional) ↓ Execution ↓ Execution Integrity Proof ↓ Verification ``` This creates a verifiable record of how authority was exercised before and during execution. *** ## How Runtime Audit Fits Into Parmana ```text theme={null} Verified Signals ↓ Parmana Evaluation ↓ Attestation ↓ Override ↓ Execution ↓ Execution Integrity Proof ↓ Verification ↓ Audit Evidence ``` Parmana does not merely record events. Parmana records verifiable evidence showing how authority was exercised, enforced, and confirmed.