You are reviewing a client whose compliance program now has AI in the loop: control mappings, evidence drafts, framework cross-walks. Your standard request list assumes humans made the changes. Kanonik is built so you can verify every AI-assisted change yourself, offline, with cryptographic proof.
Most AI-in-GRC offerings retain the AI-generated artifact and discard the trail behind it. The audit defense becomes: "the vendor logged it; the AI proposed it; the human approved it; trust the vendor's reconstruction." For NIST 800-53 AU-10 (non-repudiation), AU-11/12 (record retention and generation), and EU AI Act Article 12 (traceability over the lifetime of the system), that is not a defense. It is the absence of evidence.
Every step of every AI-assisted change is captured as a structured event, hashed, chained, and signed with the customer's tenant key (ECDSA P-384). The event store is append-only at the database layer; tampering with any past event breaks the chain detectably.
The auditor workflow has four stages. Each stage produces events that land in the chain; the chain is what you verify.
1. AuditSession. Opened for a specific framework (e.g. iso27001:2022), a scope (a subset of controls, say 11 of 93 ISO Annex A controls), a time box, a customer principal, and an auditor principal. The Verifier checks that the scope coheres with the framework and that the time box is sensible; an LLM-tier check warns if the scope is implausibly narrow or implausibly broad. Approval signs the session into existence. Event emitted: audit.session.created.v1.

2. AuditFinding. One per control in scope, with an opinion from a fixed enum (operating_effectively, deficient, not_applicable, scope_change), at least one evidence_ref, and your notes. The Verifier checks deterministically (the control is in scope, the opinion is valid, the evidence references resolve) and then runs an LLM-tier check on whether the evidence supports the opinion. The approval is gated; the chain captures the verdict and your reasoning together. Event: audit.finding.recorded.v1.

3. finalize_audit_session. The server runs the completeness check (every control_id in session.scope has exactly one finding) and refuses to finalize if any are missing, returning the gaps. If complete, the chain head is force-signed at the finalize event, the bundle is produced, and the session transitions to sealed. After sealing, the session is immutable. Event: audit.session.finalized.v1.

4. Bundle. Produced by finalize_audit_session; downloadable as audit-bundle-<tenant>-<session_id>-<finalized_at>.tar.gz. Eight artefacts:
- MANIFEST.json: tenant, session, framework, signing key id, schema versions, generation timestamp, file checksums.
- events.jsonl: every session-scoped event in sequence (audit.session.*, audit.finding.*), the embedded Verifier verdicts, the approval-token consumption records.
- chain_root.json: the signed ChainRoot covering all events up to and including the finalize event.
- public_key.pem: the ECDSA P-384 verification key for chain_root.json.
- schemas/: canonical-model JSON schemas at the versions referenced in events.jsonl (audit_session.v1.json, audit_finding.v1.json, and so on per (entity_type, schema_version) seen).
- framework/: the framework package as loaded at finalize time (e.g. iso27001-2022.json).
- report.pdf: the human-readable audit report. Cover page (tenant, framework, scope, timebox, principals, finalize timestamp), per-control sections (opinion, evidence refs, Verifier verdict summary, your notes), chain-of-proof appendix.
- VERIFY.md: instructions for verifying the chain offline.

You verify on your own machine. No connection to Kanonik is required for the verification step.
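The hash chain, the force-signed chain root, the completeness check at finalize and the offline verification over the bundle, as one added example. This is illustrative Go written for this page, not Kanonik's event store or its open-source verifier. It assumes an event layout (type, payload, prev_hash, hash), SHA-256 for the per-event digests and for the digest the P-384 tenant key signs, and a DER-encoded signature; the page does not specify any of those encodings. The tenant key is generated in-process so the example runs stand-alone, where a real bundle ships only public_key.pem.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// Event is one line of events.jsonl. The layout is an assumption for this
// example; the page does not show Kanonik's real event schema.
type Event struct {
	Type     string            `json:"type"`
	Payload  map[string]string `json:"payload"`
	PrevHash string            `json:"prev_hash"`
	Hash     string            `json:"hash"`
}

// ChainRoot stands in for chain_root.json: head hash plus ECDSA P-384 signature (DER).
type ChainRoot struct {
	Head      string `json:"head"`
	Signature []byte `json:"signature"`
}

// eventDigest hashes an event's content together with its predecessor's hash;
// that link is what turns a list of records into a chain.
func eventDigest(e Event) string {
	e.Hash = ""                // the digest covers every field except the hash itself
	body, _ := json.Marshal(e) // map keys are sorted, so the encoding is canonical
	return fmt.Sprintf("%x", sha256.Sum256(body))
}

// Append adds an event to the chain, linking it to the current head.
func Append(chain []Event, typ string, payload map[string]string) []Event {
	e := Event{Type: typ, Payload: payload}
	if n := len(chain); n > 0 {
		e.PrevHash = chain[n-1].Hash
	}
	e.Hash = eventDigest(e)
	return append(chain, e)
}

// SignRoot signs the chain head with the tenant key once the finalize event is
// the last one appended: this is the force-signed chain head.
func SignRoot(chain []Event, key *ecdsa.PrivateKey) (ChainRoot, error) {
	head := chain[len(chain)-1].Hash
	digest := sha256.Sum256([]byte(head))
	sig, err := ecdsa.SignASN1(rand.Reader, key, digest[:])
	return ChainRoot{Head: head, Signature: sig}, err
}

// VerifyBundle is the offline check: recompute every digest and link, then
// confirm the signed head is what the events actually hash to.
func VerifyBundle(chain []Event, root ChainRoot, pub *ecdsa.PublicKey) error {
	prev := ""
	for i, e := range chain {
		if e.PrevHash != prev || eventDigest(e) != e.Hash {
			return fmt.Errorf("event %d: content or link altered", i)
		}
		prev = e.Hash
	}
	if prev != root.Head {
		return fmt.Errorf("recomputed head does not match the signed chain root")
	}
	digest := sha256.Sum256([]byte(root.Head))
	if !ecdsa.VerifyASN1(pub, digest[:], root.Signature) {
		return fmt.Errorf("chain root signature does not verify under the tenant public key")
	}
	return nil
}

// CompletenessCheck is the rule the server applies at finalize: every control_id
// in scope has exactly one audit.finding.recorded.v1 event. Controls with zero
// findings or more than one are returned; finalize refuses if any are listed.
func CompletenessCheck(scope []string, chain []Event) (violations []string) {
	count := map[string]int{}
	for _, e := range chain {
		if e.Type == "audit.finding.recorded.v1" {
			count[e.Payload["control_id"]]++
		}
	}
	for _, id := range scope {
		if count[id] != 1 {
			violations = append(violations, id)
		}
	}
	return violations
}

func main() {
	key, _ := ecdsa.GenerateKey(elliptic.P384(), rand.Reader) // constructed throwaway tenant key
	chain := Append(nil, "audit.session.created.v1", map[string]string{"framework": "iso27001:2022"})
	chain = Append(chain, "audit.finding.recorded.v1", map[string]string{"control_id": "A.5.1", "opinion": "deficient"})
	fmt.Println("gaps blocking finalize:", CompletenessCheck([]string{"A.5.1", "A.5.2"}, chain)) // [A.5.2]
	chain = Append(chain, "audit.finding.recorded.v1", map[string]string{"control_id": "A.5.2", "opinion": "operating_effectively"})
	chain = Append(chain, "audit.session.finalized.v1", map[string]string{"state": "sealed"})
	root, _ := SignRoot(chain, key)
	fmt.Println("verify:", VerifyBundle(chain, root, &key.PublicKey)) // <nil>
	chain[1].Payload["opinion"] = "operating_effectively" // rewrite a sealed finding
	fmt.Println("after tampering:", VerifyBundle(chain, root, &key.PublicKey))
}
```

An intact bundle verifies with a nil error. Rewriting the sealed finding at index 1 makes its stored hash disagree with its content; re-hashing that event and everything after it to hide the edit would instead change the head, which no longer matches the signed chain root. Either way the tamper is visible with nothing but the bundle. To run this over a real export you would read events.jsonl and chain_root.json from disk and parse public_key.pem with x509.ParsePKIXPublicKey (assuming a PKIX-encoded key, which the page does not state).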
On every paid Kanonik tier (Solo, Team, Business, Enterprise) the auditor of record gets read-only access to the live system and the Auditor Export generator at no charge. You see what the client sees. You verify what they verify. You do not pay.
This is intentional. Auditors are our channel, not our adversary. We do not charge the people whose recommendation determines whether the customer's compliance investment was sound.
If you are an auditor reviewing a Kanonik customer's program, email [email protected] with your name, firm, and the client's name. We set up your read-only access within one business day. If your client has not onboarded yet, we coordinate.
If you are evaluating Kanonik for your own intake but you are not yet engaged on a Kanonik customer, contact us at the same address and we will walk through the architecture and the verification toolchain. The open-source verifier ships publicly when the first paying customer onboards.
Read the security architecture, or write to us if you are auditing a Kanonik customer right now.