All features/Security & the audit trail

Integrity by design

Nothing deleted. Nothing orphaned. Everything logged.

An audit platform has to survive its own audit. Audit Intelligence is built around two architectural promises — no orphan data, and an immutable trail — with the locks, roles and isolation to back them up.

The audit trail

Every action, timestamped, forever.

Every sign-off, status change, override, upload and AI interaction is written to an immutable audit trail. Nothing is deleted — superseded values are kept with who changed them and when. Each engagement carries its own activity timeline, the firm has a full audit log, and AI calls are recorded with the feature and model that made them.

  • Evidence of platform integrity is exportable for inspections and peer reviews.
  • No orphan data: every note, journal, evidence file and request has a parent object — by architecture, not policy.
app.audit-intel.com/audit-log
Materiality locked — C. Pienaar (Partner)14:02 · logged
WP status: Ready for review — P. Singh13:47 · logged
AI: revenue narrative drafted13:31 · cited + logged
Locks

Phase gates, then the final lock.

When a phase is signed off, its values freeze. Changing anything requires a formal partner unlock — logged — and re-sign-off. After the audit report, the file auto-locks 60 days from the report date (a partner can lock earlier), and the locked file is retained for seven years in line with ASIC and ASA requirements.

  • Final-checklist validation runs before lock — the AI cross-checks completeness, the partner decides.
  • Archived files remain readable for inspection throughout retention.
app.audit-intel.com/engagements/acme-fy2025/archive
Audit report date15 Sep 2025
Auto-lock14 Nov 2025 — 60 days
Retention7 years
Gate: post-lock changes require partner approval — and the unlock itself becomes part of the record.
Access & isolation

Your firm's data is yours alone.

Each firm is an isolated tenant with its own database schema — cross-firm visibility does not exist at the infrastructure level. Inside the firm, role-based access control governs every action, sign-in supports Microsoft and Google SSO plus two-factor authentication, and the platform's own support tooling runs on a separate database that holds no audit data.

  • Read-only QA and EQR roles allow inspection without edit rights.
  • The full compliance posture — residency, encryption, Privacy Act — lives on the Security & compliance page.
app.audit-intel.com/settings
Tenant isolationSchema per firm
SSOMicrosoft · Google
Two-factor authenticationTOTP
Data residencySydney (ap-southeast-2)
Previous
← Training Centre & AuditBot

See it on your own engagements.

Start your firm free, or book a demo and we will walk you through the platform on a real audit file.

Start your firm free Book a demo

No credit card to start · Australian-resident data · Cancel anytime