Legal pillar · v0.16.0
audit-evidence AuditEvidence
One audit-evidence record.
$id · https://corpospec.com/schemas/v0.16.0/audit-evidence.schema.json
Fields
| Field | Type | Required | Description |
|---|---|---|---|
| artefact_ref | PathRef | yes | PathRef to the artefact (PDF, ZIP, screenshot). |
| audit_id | PathRef | yes | Audit cycle this evidence belongs to (e.g. SOC 2 2026 Type II). |
| audit_kind | AuditKind | yes | Audit kind. |
| collected_by | PathRef | yes | Path-based cross-reference relative to .corpospec/ root. Pattern: `^[a-z0-9_-]+(/[a-z0-9_.-]+)+$` |
| collected_on | IsoDate | yes | ISO 8601 date (YYYY-MM-DD). |
| confidentiality | Confidentiality | yes | Cross-cutting confidentiality classification used across privacy, security, knowledge, IR pillars. Default rendering rule: `corpospec-report` excludes `Restricted | BoardOnly | InvestorOnly` records from public output unless an explicit audience parameter overrides. See BDR 0076 §1. |
| control | PathRef | yes | PathRef to the security control proved. |
| entity | PathRef | yes | Path-based cross-reference relative to .corpospec/ root. Pattern: `^[a-z0-9_-]+(/[a-z0-9_.-]+)+$` |
| id | PathRef | yes | Path-based cross-reference relative to .corpospec/ root. Pattern: `^[a-z0-9_-]+(/[a-z0-9_.-]+)+$` |
| kind | EvidenceKind | yes | Evidence collection kind. |
| review_status | EvidenceReviewStatus | yes | Evidence review status. |
| valid_from | IsoDate | yes | Validity window — evidence is fresh between these dates. |
| valid_to | IsoDate | yes | ISO 8601 date (YYYY-MM-DD). |
| reviewed_by | PathRef? | — | |
| reviewed_on | IsoDate? | — | |
| reviewer_notes | string? | — | Auditor / reviewer notes. |
Definitions
Shared types referenced within this schema.
AuditKind
Audit kind.
Confidentiality
Cross-cutting confidentiality classification used across privacy,
security, knowledge, IR pillars. Default rendering rule: `corpospec-report`
excludes `Restricted | BoardOnly | InvestorOnly` records from public output
unless an explicit audience parameter overrides. See BDR 0076 §1.
EvidenceKind
Evidence collection kind.
EvidenceReviewStatus
Evidence review status.
IsoDate
ISO 8601 date (YYYY-MM-DD).
type: string
PathRef
Path-based cross-reference relative to .corpospec/ root.
Pattern: `^[a-z0-9_-]+(/[a-z0-9_.-]+)+$`
pattern: ^[a-z0-9_-]+(/[a-z0-9_.-]+)+$
Reference in your YAML
# yaml-language-server: $schema=https://corpospec.com/schemas/v0.16.0/audit-evidence.schema.json