AsplenzAsplenz
Back to Evidence

This perspective is about Evidence, Asplenz's proof infrastructure.

Looking for Knowledge (agent guardrails & decision governance)? Go to Knowledge

Audit & Risk Perspective

For audit, risk, and internal control teams responsible for post-incident truth.

The reality of your role

You investigate events after they happened.

Evidence reaches you late, extracted from systems you do not operate, already filtered, explained, or summarized by others. You depend on narratives, screenshots, exports, and assurances that data "has not been altered".

Your challenge is not analysis. It is establishing whether a fact can still be trusted at all.

Where Evidence fits

Evidence provides an independent infrastructure of proof.

It does not assess compliance. It does not interpret responsibility. It does not validate decisions.

It records declared facts and seals them at the moment they are submitted, producing evidence that can be verified without relying on the operational systems that generated it.

Evidence exists so that audit does not depend on trust in IT-controlled data.

What Evidence provides to Audit & Risk

  • An append-only record of declared facts
  • Independent timestamps assigned at sealing time
  • Cryptographic integrity that makes later alteration detectable
  • Exportable proof bundles verifiable outside Evidence

Nothing more.

What Evidence does not do

  • Does not decide whether a process is compliant
  • Does not replace audit methodology
  • Does not qualify responsibility or intent
  • Does not explain what should have happened

Evidence produces facts. Audit produces conclusions.

After an incident, you can establish

Using Evidence, you can verify:

  • Whether a declaration existed
  • When it was sealed
  • Who declared it
  • Whether it was altered afterward

You no longer need to reconstruct events from memory, tickets, or log excerpts. You verify integrity first, interpretation second.

Why this matters for Audit & Risk

Audit credibility depends on independence.

When evidence is produced and stored by the same systems that executed the actions, integrity can only be assumed. Evidence introduces a structural separation between action and proof.

This separation allows audit to operate on facts that are immutable by design, not by policy.

What Evidence changes

Before Evidence:

  • ×Evidence is reconstructed
  • ×Integrity is assumed
  • ×Verification is indirect

With Evidence:

  • Facts are sealed at declaration time
  • Integrity is verifiable
  • Proof is autonomous

Discover Evidence in depth

Decision proof infrastructure: how it works, modules, product status, and vision.

View how facts are sealed

This example shows a real post-incident timeline composed of sealed facts, their timestamps, and their integrity hashes, exactly as an auditor would review them.