HOVIGuard
BusinessPrivate
Sign inGet started
HOVIGuard
BusinessPrivate
Features
Solution
Compliance
Roles
Knowledge
Sign inTry now

AI Audit & Documentation

What needs to be logged -- and how HOVIGuard automates it.

What Needs to Be Logged

User Information

  • User ID and role
  • Team and tenant assignment
  • IP address and session

Interaction Details

  • Request timestamp
  • AI model used
  • Prompt type and length

Security Events

  • Detected PII categories
  • Applied protective measures
  • Blocked content

Compliance Data

  • Data processing location
  • Provider and model version
  • Response metadata

Compliance Reports

Usage statistics per team and time period
PII detection reports
Model usage overviews
Security event summaries
GDPR compliance evidence
Export for external audits

Why Documentation Matters

GDPR requires proof that personal data is processed lawfully. The EU AI Act tightens these requirements for AI systems. Without a complete audit trail, companies risk significant penalties.

HOVIGuard fully automates documentation. Every AI interaction is logged, compliance reports are available at the push of a button.

Established reference frameworks for audit and security documentation: BSI IT-Grundschutz Compendium and ISO/IEC 27001 (Information Security Management).

Frequently asked questions about AI audit and documentation

Why is an audit trail needed for AI usage?+

An audit trail makes AI interactions traceable. It can support internal reviews, GDPR data-subject requests, EU AI Act documentation and security incident analysis. Legal assessment of which records are mandatory varies by use case and role.

What does HOVIGuard's audit trail log?+

Typically logged: user and tenant attribution, timestamps, model used, prompt metadata, detected PII categories, applied protective measures and response metadata. Which fields are captured in detail is configurable — see documentation and privacy notices.

How long are audit logs retained?+

Retention is configurable and should be aligned with internal policies and applicable legal requirements. HOVIGuard allows setting a retention period; the concrete decision should be coordinated with data protection and the relevant business function.

Can audit data be exported for external reviews?+

Yes — audit data and compliance reports can be exported, e.g. for internal audits, external auditors or data protection reviews. Format and level of detail are configurable through the admin interface.

Does the audit trail replace legal advice?+

No. The audit trail provides technical evidence and documentation tools. Legal assessment — for example GDPR obligations or EU AI Act requirements — should be coordinated with qualified data protection and legal counsel.

Test Audit Trail

Start Free Trial