Security and trust

Audit evidence without uncontrolled authority.

Cairn starts with read-only audit posture, keeps provenance attached to every source-dependent finding, and blocks controlled decisions from AI or service actors.

Security and regulatory trust

Human authority stays explicit.

Cairn can propose and prepare evidence, but controlled quality decisions remain bounded by human review, policy, permissions, and audit records.

Data posture

Production exports default to metadata, hashes, artifact IDs, and redacted excerpts.

Trace redaction events and evidence package manifests

Security

Support access requires approval, scoped sessions, and audit events.

Support access grants, sessions, and auth events

Source integrity

Every finding cites the source version, mirror freshness, and run context it depended on.

Source artifact versions, sync states, and compiler run artifacts

Regulatory authority

Catalog fixtures and AI judgments route to consultant or human review until formally approved.

Catalog version, rubric snapshots, and review queue events

Boundary posture

Approvals, release, and signatures
AI never signs, approves, releases, or closes controlled quality records.

External writes
Would-writes require trigger envelopes, deterministic validation, output records, idempotency, and replay.

Final risk and submission decisions
Humans retain final risk acceptance and final submission-required determinations.

Customer systems of record
Cairn mirrors source systems and routes work back to them; it does not force day-one QMS replacement.
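The external-writes posture above names the controls (trigger envelope, deterministic validation, output record, idempotency, replay) but not how they fit together. The following is an added illustration of that pattern written for this page; it is not Cairn's code, and the envelope field names, the WriteGate class, the human-actor rule, and the sink callable are assumptions made for the example.

```python
import hashlib
import json

# Hypothetical gate for a proposed ("would-") write to an external system of record.
# Envelope shape, field names and the actor rule are assumptions for this example,
# not Cairn's API.
REQUIRED_FIELDS = {"trigger_id", "actor", "target_system", "record_id", "payload"}


def canonical(obj):
    """Deterministic serialization: same logical envelope -> same bytes -> same key."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def idempotency_key(envelope):
    """Binds the trigger identity to the exact payload, so a replay with the same
    trigger_id but a different payload is detected instead of silently overwriting."""
    return hashlib.sha256(canonical(envelope)).hexdigest()


def validate(envelope):
    """Deterministic, side-effect-free checks; returns a list of errors (empty = valid)."""
    errors = []
    missing = REQUIRED_FIELDS - set(envelope)
    if missing:
        errors.append("missing fields: " + ", ".join(sorted(missing)))
    if envelope.get("actor", {}).get("kind") != "human":
        errors.append("external writes require a human actor")
    if not isinstance(envelope.get("payload"), dict):
        errors.append("payload must be an object")
    return errors


class WriteGate:
    def __init__(self, sink):
        self.sink = sink        # callable that performs the real external write
        self.outputs = {}       # idempotency key -> output record (the audit trail)
        self.by_trigger = {}    # trigger_id -> key of the write that was performed

    def submit(self, envelope):
        key = idempotency_key(envelope)
        if key in self.outputs:
            # Exact replay: return the recorded output, perform no second side effect.
            return dict(self.outputs[key], replayed=True)
        tid = envelope.get("trigger_id")
        if tid in self.by_trigger:
            # Same trigger_id, different payload: refuse rather than overwrite.
            return {"trigger_id": tid, "status": "conflict",
                    "errors": ["trigger_id reused with a different payload"], "replayed": False}
        errors = validate(envelope)
        if errors:
            record = {"trigger_id": tid, "status": "rejected", "errors": errors, "replayed": False}
        else:
            result = self.sink(envelope["target_system"], envelope["record_id"], envelope["payload"])
            record = {"trigger_id": tid, "status": "written", "result": result,
                      "errors": [], "replayed": False}
            self.by_trigger[tid] = key
        self.outputs[key] = record   # rejections are recorded too, so replaying one is deterministic
        return record


def demo():
    """Constructed scenario: one human write, its replay, a tampered replay, and an AI actor."""
    calls = []

    def sink(system, record_id, payload):
        calls.append((system, record_id))
        return {"system": system, "record_id": record_id, "version": len(calls)}

    gate = WriteGate(sink)
    env = {"trigger_id": "t-1", "actor": {"kind": "human", "id": "reviewer-7"},
           "target_system": "qms", "record_id": "CAPA-42", "payload": {"state": "closed"}}
    first = gate.submit(env)
    again = gate.submit(dict(env))                                       # replay
    tampered = gate.submit(dict(env, payload={"state": "reopened"}))     # same trigger, new payload
    bot = gate.submit(dict(env, trigger_id="t-2",
                           actor={"kind": "service", "id": "ai-assistant"}))
    return first, again, tampered, bot, len(calls)


if __name__ == "__main__":
    for rec in demo()[:4]:
        print(rec["trigger_id"], rec["status"], "replayed" if rec["replayed"] else "", rec["errors"])
```

The key is derived from the canonical envelope, so the same trigger and payload always map to the same output record regardless of key order or whitespace, while a reused trigger_id with a changed payload is surfaced as a conflict instead of a second write.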