Evidence Packs
Collect and manage evidence data for compliance and audit purposes
Evidence Packs
Evidence Packs are comprehensive collections of monitoring data, validation results, and compliance documentation. They provide auditable proof of AI system performance and regulatory compliance.
Evidence Pack Object
interface EvidencePack {
id: string;
projectId: string;
name: string;
description?: string;
type?: 'compliance' | 'audit' | 'validation' | 'incident' | 'custom';
status: 'pending' | 'collecting' | 'completed' | 'failed' | 'archived';
metadata?: {
period?: {
startDate: string;
endDate: string;
};
regulations?: string[];
artifacts?: string[];
checksum?: string;
size?: number;
format?: string;
};
createdAt: string;
updatedAt: string;
}List Evidence Packs
Retrieve evidence packs with filtering and pagination.
GET /api/evidence-packs?page=1&limit=10&status=completed&type=compliance&projectId=proj_123
Cookie: session-token=your_session_tokenQuery Parameters:
page(optional): Page number (default: 1)limit(optional): Items per page (default: 10, max: 100)status(optional): Filter by pack statustype(optional): Filter by evidence typeprojectId(optional): Filter by specific projectstartDate(optional): Filter packs created after this dateendDate(optional): Filter packs created before this date
{
"success": true,
"data": [
{
"id": "pack_789",
"projectId": "proj_123",
"name": "Q1 2024 Compliance Report",
"description": "Quarterly compliance evidence for regulatory audit",
"type": "compliance",
"status": "completed",
"metadata": {
"period": {
"startDate": "2024-01-01T00:00:00Z",
"endDate": "2024-03-31T23:59:59Z"
},
"regulations": ["GDPR", "SOX", "HIPAA"],
"artifacts": [
"model_validation_reports.pdf",
"performance_metrics.json",
"audit_trail.csv",
"compliance_checklist.pdf"
],
"checksum": "sha256:a1b2c3d4e5f6...",
"size": 15728640,
"format": "zip"
},
"createdAt": "2024-04-01T10:00:00Z",
"updatedAt": "2024-04-01T12:30:00Z"
}
],
"pagination": {
"page": 1,
"limit": 10,
"total": 23,
"totalPages": 3
}
}curl -X GET "https://api.cortif.ai/api/evidence-packs?type=compliance&status=completed" \
-H "Cookie: session-token=your_session_token"Create Evidence Pack
Generate a new evidence pack for a specific time period or incident.
POST /api/evidence-packs
Content-Type: application/json
Cookie: session-token=your_session_token
{
"projectId": "proj_123",
"name": "Model Drift Investigation",
"description": "Evidence collection for accuracy degradation incident",
"type": "incident",
"metadata": {
"period": {
"startDate": "2024-01-10T00:00:00Z",
"endDate": "2024-01-15T23:59:59Z"
},
"regulations": ["SOX"],
"includeRuns": true,
"includeAlerts": true,
"includeMetrics": true,
"includeLogs": true
}
}Required Fields:
projectId: Associated project IDname: Evidence pack name (string, 1-200 characters)
Optional Fields:
description: Detailed descriptiontype: Evidence pack categorymetadata: Collection parameters and context
{
"success": true,
"data": {
"id": "pack_456",
"projectId": "proj_123",
"name": "Model Drift Investigation",
"description": "Evidence collection for accuracy degradation incident",
"type": "incident",
"status": "pending",
"metadata": {
"period": {
"startDate": "2024-01-10T00:00:00Z",
"endDate": "2024-01-15T23:59:59Z"
},
"regulations": ["SOX"],
"includeRuns": true,
"includeAlerts": true,
"includeMetrics": true,
"includeLogs": true
},
"createdAt": "2024-01-16T09:00:00Z",
"updatedAt": "2024-01-16T09:00:00Z"
}
}curl -X POST https://api.cortif.ai/api/evidence-packs \
-H "Content-Type: application/json" \
-H "Cookie: session-token=your_session_token" \
-d '{
"projectId": "proj_123",
"name": "Model Drift Investigation",
"type": "incident",
"metadata": {
"period": {
"startDate": "2024-01-10T00:00:00Z",
"endDate": "2024-01-15T23:59:59Z"
}
}
}'Get Evidence Pack
Retrieve a specific evidence pack with detailed information.
GET /api/evidence-packs/pack_789
Cookie: session-token=your_session_token{
"success": true,
"data": {
"id": "pack_789",
"projectId": "proj_123",
"name": "Q1 2024 Compliance Report",
"description": "Quarterly compliance evidence for regulatory audit",
"type": "compliance",
"status": "completed",
"metadata": {
"period": {
"startDate": "2024-01-01T00:00:00Z",
"endDate": "2024-03-31T23:59:59Z"
},
"regulations": ["GDPR", "SOX", "HIPAA"],
"artifacts": [
"model_validation_reports.pdf",
"performance_metrics.json",
"audit_trail.csv",
"compliance_checklist.pdf"
],
"checksum": "sha256:a1b2c3d4e5f6...",
"size": 15728640,
"format": "zip"
},
"contents": {
"runs": 45,
"alerts": 12,
"metrics": 1250,
"logs": 8900,
"reports": 5
},
"validity": {
"isValid": true,
"verifiedAt": "2024-04-01T12:30:00Z",
"signature": "digital_signature_hash"
},
"createdAt": "2024-04-01T10:00:00Z",
"updatedAt": "2024-04-01T12:30:00Z"
}
}curl -X GET https://api.cortif.ai/api/evidence-packs/pack_789 \
-H "Cookie: session-token=your_session_token"Download Evidence Pack
Download the complete evidence pack as a compressed archive.
GET /api/evidence-packs/pack_789/download
Cookie: session-token=your_session_tokenHTTP/1.1 200 OK
Content-Type: application/zip
Content-Disposition: attachment; filename="Q1_2024_Compliance_Report.zip"
Content-Length: 15728640
[Binary ZIP file content]curl -X GET https://api.cortif.ai/api/evidence-packs/pack_789/download \
-H "Cookie: session-token=your_session_token" \
-o "evidence_pack.zip"Verify Evidence Pack
Verify the integrity and authenticity of an evidence pack.
POST /api/evidence-packs/pack_789/validity
Cookie: session-token=your_session_token{
"success": true,
"data": {
"packId": "pack_789",
"isValid": true,
"verificationResults": {
"checksumMatch": true,
"signatureValid": true,
"timestampValid": true,
"contentsIntact": true
},
"verifiedAt": "2024-01-16T10:30:00Z",
"certificate": {
"issuer": "Cortif.AI Certificate Authority",
"validFrom": "2024-01-01T00:00:00Z",
"validTo": "2025-01-01T00:00:00Z"
}
}
}curl -X POST https://api.cortif.ai/api/evidence-packs/pack_789/validity \
-H "Cookie: session-token=your_session_token"Update Evidence Pack
Update evidence pack metadata or status.
PATCH /api/evidence-packs/pack_456
Content-Type: application/json
Cookie: session-token=your_session_token
{
"description": "Updated: Evidence collection for model accuracy degradation incident - resolved",
"status": "archived",
"metadata": {
"resolution": "Model retrained with additional data",
"resolutionDate": "2024-01-20T15:00:00Z",
"tags": ["resolved", "model-drift", "retraining"]
}
}{
"success": true,
"data": {
"id": "pack_456",
"projectId": "proj_123",
"name": "Model Drift Investigation",
"description": "Updated: Evidence collection for model accuracy degradation incident - resolved",
"type": "incident",
"status": "archived",
"metadata": {
"period": {
"startDate": "2024-01-10T00:00:00Z",
"endDate": "2024-01-15T23:59:59Z"
},
"regulations": ["SOX"],
"resolution": "Model retrained with additional data",
"resolutionDate": "2024-01-20T15:00:00Z",
"tags": ["resolved", "model-drift", "retraining"]
},
"createdAt": "2024-01-16T09:00:00Z",
"updatedAt": "2024-01-20T16:00:00Z"
}
}curl -X PATCH https://api.cortif.ai/api/evidence-packs/pack_456 \
-H "Content-Type: application/json" \
-H "Cookie: session-token=your_session_token" \
-d '{
"status": "archived",
"metadata": {
"resolution": "Issue resolved"
}
}'Evidence Pack Templates
Create reusable templates for common evidence collection scenarios.
POST /api/evidence-packs/templates
Content-Type: application/json
Cookie: session-token=your_session_token
{
"name": "Monthly Compliance Template",
"description": "Standard monthly compliance evidence collection",
"type": "compliance",
"template": {
"metadata": {
"regulations": ["GDPR", "SOX"],
"includeRuns": true,
"includeAlerts": true,
"includeMetrics": true,
"includeLogs": false,
"period": "monthly"
},
"artifacts": [
"performance_summary",
"alert_analysis",
"compliance_checklist"
]
}
}{
"success": true,
"data": {
"id": "template_123",
"name": "Monthly Compliance Template",
"description": "Standard monthly compliance evidence collection",
"type": "compliance",
"template": {
"metadata": {
"regulations": ["GDPR", "SOX"],
"includeRuns": true,
"includeAlerts": true,
"includeMetrics": true,
"includeLogs": false,
"period": "monthly"
},
"artifacts": [
"performance_summary",
"alert_analysis",
"compliance_checklist"
]
},
"createdAt": "2024-01-16T11:00:00Z"
}
}Bulk Evidence Collection
Create multiple evidence packs for different projects or time periods.
POST /api/evidence-packs/bulk
Content-Type: application/json
Cookie: session-token=your_session_token
{
"templateId": "template_123",
"projects": ["proj_123", "proj_456", "proj_789"],
"period": {
"startDate": "2024-01-01T00:00:00Z",
"endDate": "2024-01-31T23:59:59Z"
},
"namePattern": "{{project.name}} - January 2024 Compliance"
}{
"success": true,
"data": {
"batchId": "batch_456",
"packs": [
{
"id": "pack_101",
"projectId": "proj_123",
"name": "Customer Support Chatbot - January 2024 Compliance",
"status": "pending"
},
{
"id": "pack_102",
"projectId": "proj_456",
"name": "Fraud Detection Model - January 2024 Compliance",
"status": "pending"
}
],
"totalPacks": 3,
"estimatedCompletion": "2024-01-16T14:00:00Z"
}
}Error Handling
Common error responses for evidence pack operations:
| Status Code | Error | Description |
|---|---|---|
400 | INVALID_INPUT | Invalid request data |
401 | UNAUTHORIZED | Authentication required |
403 | FORBIDDEN | Insufficient permissions |
404 | PACK_NOT_FOUND | Evidence pack doesn't exist |
409 | PACK_IN_PROGRESS | Pack is currently being generated |
422 | VALIDATION_ERROR | Input validation failed |
507 | STORAGE_FULL | Insufficient storage space |
SDK Examples
JavaScript/TypeScript
import { CortifClient } from '@cortif/sdk';
const client = new CortifClient();
// Create evidence pack
const pack = await client.evidencePacks.create({
projectId: 'proj_123',
name: 'Quarterly Audit Evidence',
type: 'compliance',
metadata: {
period: {
startDate: '2024-01-01T00:00:00Z',
endDate: '2024-03-31T23:59:59Z'
},
regulations: ['GDPR', 'SOX']
}
});
// Monitor pack generation
const packStatus = await client.evidencePacks.get(pack.id);
console.log(`Pack status: ${packStatus.status}`);
// Download when ready
if (packStatus.status === 'completed') {
const downloadUrl = await client.evidencePacks.getDownloadUrl(pack.id);
// Use downloadUrl to download the pack
}
// Verify pack integrity
const verification = await client.evidencePacks.verify(pack.id);
console.log(`Pack is valid: ${verification.isValid}`);Python
from cortif import CortifClient
import time
client = CortifClient()
# Create evidence pack
pack = client.evidence_packs.create({
'project_id': 'proj_123',
'name': 'Quarterly Audit Evidence',
'type': 'compliance',
'metadata': {
'period': {
'start_date': '2024-01-01T00:00:00Z',
'end_date': '2024-03-31T23:59:59Z'
},
'regulations': ['GDPR', 'SOX']
}
})
# Wait for completion
while True:
pack_status = client.evidence_packs.get(pack['id'])
if pack_status['status'] == 'completed':
break
elif pack_status['status'] == 'failed':
raise Exception('Pack generation failed')
time.sleep(30)
# Download the pack
client.evidence_packs.download(pack['id'], 'evidence_pack.zip')
# Verify integrity
verification = client.evidence_packs.verify(pack['id'])
print(f"Pack is valid: {verification['is_valid']}")Best Practices
Evidence Pack Management Tips
- Regular Collection: Schedule regular evidence collection for compliance
- Descriptive Names: Use clear naming conventions with dates and purposes
- Proper Classification: Choose appropriate types and regulations
- Secure Storage: Store evidence packs in secure, backed-up locations
- Verification: Regularly verify pack integrity and authenticity
- Retention Policies: Implement proper retention and deletion policies
- Access Control: Limit access to authorized personnel only
Compliance Features
Digital Signatures
All evidence packs are digitally signed for authenticity:
{
"signature": {
"algorithm": "RSA-SHA256",
"timestamp": "2024-01-16T12:00:00Z",
"certificate": "-----BEGIN CERTIFICATE-----...",
"hash": "sha256:abc123..."
}
}Audit Trail
Complete audit trail for all evidence pack operations:
{
"auditTrail": [
{
"action": "created",
"userId": "user_123",
"timestamp": "2024-01-16T09:00:00Z",
"details": "Evidence pack created for Q1 compliance"
},
{
"action": "downloaded",
"userId": "auditor_456",
"timestamp": "2024-01-16T15:30:00Z",
"details": "Downloaded by external auditor"
}
]
}Retention Policies
Configure automatic retention and deletion:
{
"retentionPolicy": {
"retentionPeriod": "7y",
"autoDelete": false,
"archiveAfter": "1y",
"notifyBefore": "30d"
}
}