AI RECEIPT SPEC (AUDIT-READY) — STARTER TEMPLATE

Goal
Define an exportable “receipt” for one AI workflow so you can prove what happened: inputs, model, tools, policies, approvals, and outputs.

1) Scope the workflow
- Workflow name: __________________________
- Trigger (UI/API/job): _____________________
- Business impact if wrong (1 sentence): __________________________
- Systems touched (e.g., Slack, Gmail, Jira, GitHub): __________________________

2) Receipt ID and correlation
- Receipt ID format (UUID/ULID): ___________
- Correlation IDs (request_id, session_id, job_id): __________________________
- Tenant/org ID field: ______________________
- Actor fields: user_id, service_account_id, role

3) Model run evidence (required fields)
- Provider (OpenAI/Anthropic/Bedrock/Vertex/Azure): __________
- Model name: __________
- Model version/date: __________
- Parameters set (temperature, top_p, etc.): __________
- System prompt stored? (yes/no; if no, store hash): __________
- User input stored? (yes/no; if no, store hash): __________
- Output stored? (yes/no; if no, store hash): __________

4) Retrieval / context (if RAG)
- Retriever type (vector/keyword/hybrid): __________
- Store each retrieved item with:
  - Source system + document ID
  - Retrieval query (or hash)
  - Snippet stored? (yes/no) or snippet hash
  - Timestamp

5) Tool use
For every tool call attempt, record:
- Tool name + version (if internal)
- Requested arguments (redact sensitive values; store hash if needed)
- Policy decision: allow / block / require_approval
- Executed? yes/no
- Tool result stored? (yes/no; or hash)

6) Policy and safety enforcement
- Policy set version (e.g., “policy_pack_v3”): __________
- Checks performed (PII scan, content policy, allowlist, rate limit): __________
- Decision and matched rule IDs: __________
- Exception path (who can override, how logged): __________

7) Human oversight
- Does this workflow require approval? (always/sometimes/never)
- Approval artifact:
  - approver_id
  - timestamp
  - what exactly was approved (draft output hash + final output hash)
  - ticket ID (Jira/ServiceNow/etc.)

8) Data retention and export
- Retention for raw inputs/outputs: __________
- Retention for hashes/metadata: __________
- Deletion handling (GDPR/CPRA request): __________
- Export format: JSONL/CSV/PDF bundle
- Export endpoint and access control: __________

9) Incident readiness
- How to answer: “What happened for Receipt ID X?” (1 query/runbook link)
- Alerts on: policy blocks spike, tool-call failures, unusual destinations
- Owner on-call rotation or responsible team: __________

Definition of Done
- A receipt can be generated for any run in this workflow.
- A non-engineer (security/compliance) can read the export.
- The receipt clearly distinguishes: attempted actions vs executed actions.
- Sensitive data handling is explicit (stored vs hashed vs redacted).
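As an added example (not part of the template), a minimal Python receipt builder that applies sections 3, 5 and 8 together with the Definition of Done: prompt, input and output are kept raw or as SHA-256 hashes, sensitive tool arguments are redacted to hashes, every tool call carries its policy decision plus an executed flag separate from the attempt, and receipts export as JSONL. The field names, the sensitive-key list and the sample run are assumptions made for illustration.

```python
import hashlib, json, uuid
from datetime import datetime, timezone
SENSITIVE_KEYS = {"password", "token", "api_key", "authorization"}  # assumed list; extend per tool

def sha256(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def evidence(text, store_raw):
    """Section 3 choice: keep the raw text, or only its hash (provable, not recoverable)."""
    return {"stored": text} if store_raw else {"sha256": sha256(text)}

def redact_args(args):
    """Section 5: sensitive argument values are replaced by their hash before storage."""
    return {k: {"redacted": True, "sha256": sha256(str(v))} if k.lower() in SENSITIVE_KEYS else v
            for k, v in args.items()}

def record_tool_call(name, args, decision, result=None):
    """One tool-call attempt; only an 'allow' decision counts as executed."""
    executed = decision == "allow"
    return {"tool": name, "arguments": redact_args(args), "policy_decision": decision,
            "executed": executed,
            "result": evidence(result, False) if executed and result is not None else None}

def build_receipt(workflow, actor, model, policy, system_prompt, user_input, output, tool_calls, store_raw=False):
    return {"receipt_id": str(uuid.uuid4()),  # UUID per section 2
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "workflow": workflow, "actor": actor, "model": model, "policy": policy,
            "system_prompt": evidence(system_prompt, store_raw),
            "user_input": evidence(user_input, store_raw),
            "output": evidence(output, store_raw),
            "tool_calls": tool_calls,
            "tool_calls_attempted": len(tool_calls),  # attempted vs executed, per Definition of Done
            "tool_calls_executed": sum(t["executed"] for t in tool_calls)}

def to_jsonl(receipts):
    """Section 8 export: one receipt per line."""
    return "\n".join(json.dumps(r, sort_keys=True) for r in receipts)

# Constructed sample run: one tool call allowed, one blocked by policy (attempted, never executed).
SAMPLE = build_receipt(
    workflow={"name": "ticket-triage", "trigger": "API"},
    actor={"user_id": "u-123", "role": "analyst"},
    model={"provider": "example-provider", "name": "example-model", "version": "2024-01", "temperature": 0},
    policy={"version": "policy_pack_v3", "checks": ["PII scan", "allowlist"]},
    system_prompt="You triage support tickets.",
    user_input="Customer reports login failure.",
    output="Escalate to identity team.",
    tool_calls=[record_tool_call("jira.create_issue", {"project": "SEC", "token": "s3cret"}, "allow", result="SEC-42"),
                record_tool_call("gmail.send", {"to": "outside@example.com"}, "block")],
)
```

The blocked call still appears in the receipt with executed=false and no result, which is what lets a reviewer separate what the model tried from what actually ran.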