Skip to content
TrustDeck

Use case · Audits & regulatory submissions

Auditor-grade evidence trails.
Regulator-grade exports.

SOC 2-class audit logs. Immutable acceptance evidence. Long-term retention. Chain-of-custody you can hand to any reviewer — internal, external auditor, or regulator — without reconstructing anything from memory.

What's in the room

Evidence that survives
the next audit cycle.

Immutable append-only audit log

Every consequential action — every view, download, NDA acceptance, member added, permission flipped, document deleted — lands in an append-only Postgres table. UPDATE blocked by trigger; DELETE blocked by REVOKE. The audit log can't be tampered with, even by us.

Field-level change diffs

When something is updated, the audit row captures the precise from/to. Audit-log viewer renders a structured diff per field — so a reviewer can see exactly what changed, by whom, when, and from what IP. CSV export with the diffs flattened for offline forensics.

NDA acceptance evidence that stands up

Click-to-accept captures the user's name, IP address, user agent, signature method (default click), the rendered HTML of exactly what they saw, and a timestamp. Stored immutably in a separate table with its own triggers. Hand the receipt to your legal counsel; it stands up on its own.

Per-tier long-term retention

Trash retention is 30 days on free, 90 days on Starter / Professional, 365 days on Project Finance / Enterprise. Audit log itself is never purged. For 7-year regulator retention requirements, Project Finance + Enterprise are the right tiers — and we'll write a custom retention policy if your audit body demands one.

Permission state at any point in time

Auditor asks: who could access this folder on the 14th of March? The audit log of permission changes lets you reconstruct the access matrix at any timestamp. No reconstruction from memory; no "let me check with IT".

Filterable audit-log viewer + CSV export

Admin viewer at /settings/audit-log with filters for category, user, date range, actor typeahead. Click-through to the referenced resource on every row. CSV export of any filtered view — drop straight into an evidence pack for the auditor.

Per-viewer PDF watermarks

Every page of every PDF served inline carries the viewer's email + IP + UTC timestamp — stamped server-side before bytes reach the browser. If a document surfaces somewhere it shouldn't, the watermark is the evidence trail.

Workspace isolation enforced at the database

Postgres row-level security at every domain table. Our own service-role code paths filter by workspace explicitly as defence in depth. Other firms' deals are invisible at the storage layer, not just the UI layer — enforced in the database schema itself, not merely in application code.

Ideal for

Teams where evidence quality
is part of the deliverable.

External financial audits

Big-four or mid-tier audit firm needs to verify document chain-of-custody on a year-end audit. Give them a read-only room member with audit-log access; CSV export when they want it.

Regulatory submissions

Financial-conduct, central-bank, or sector regulator submission packs. Long-term retention + immutable evidence + chain-of-custody satisfies the regulator's auditor; the structured export makes the submission itself tidy.

Internal compliance reviews

Annual ISO recertification, internal controls testing, third-party risk reviews. The audit log is your evidence of operational discipline without needing to instrument it separately.

Recommended tier

Professional or Project Finance

See all tiers →

Professional (USD 499/month) covers SOC 2-grade audit log, advanced permissions, and longer-tail retention. Project Finance (USD 999/month) adds custom retention policies, single-tenant deployment available on request, and 1-hour-response support. For multi-year regulatory retention (5 - 25 years), talk to us about Enterprise.

Start with the audit log already turned on.

Every TrustDeck account — including free — has the full immutable audit log running from day one. There is no checkbox to turn it on; there is no plan tier where it gets switched off.