Alloovium

Exchange

Audit dossier

Every revision, every party, every acknowledgement — signed and timestamped. This is the load-bearing differentiator over filename-suffix workflows.

Signed audit dossier export — every revision and acknowledgement

Write-once

The audit log is append-only. No update or delete path exists in the application or the API. Auditors, lawyers, and certifiers can rely on the fact that a row was true at the time of the event and has not been rewritten since.

Don't bypass the log

If something needs correcting in the record, the correction is written as a new event — never by editing the original. This is the same pattern used by accounting systems for legally defensible bookkeeping.

What gets logged

Four event classes write to the dossier:

  • Every revision — upload, publish, supersede.
  • Every acknowledgement, comment, and resolve.
  • Every read and download.
  • Every export and signed-dossier generation.

Three-layer actor identity

Each row snapshots the actor at three layers, recorded as they stood the day of the event:

  • Personthe human who took the action. Display name plus stable user ID.
  • Organisationthe company they were acting for at the time. Stored separately from the person so dual-affiliation is unambiguous.
  • Credentialthe role and permission set they held. A later role revocation does not rewrite history.

These three are denormalised at write time. Subsequent renames, org-membership changes, or role revocations affect only future events.

Exports

  • Signed DOCX dossierthe full event timeline as a formatted document, signed for legal admissibility.
  • CSVraw rows for spreadsheet analysis, reconciliation, and offline review.
  • APIpaginated JSON over the REST API. Filter by date range, actor, document, or event class.