Deep Dive

Audit Architecture

Reproducible judgment. Immutable trace. Fail-closed gates. How MARIA OS transforms audit from retroactive inspection to structural guarantee.

Audit Deep Dive / Workflow Pipeline

End-to-End Audit Workflow

Knowledge Packs define the standard. Agents execute judgment. Gates enforce the trace. Evidence proves the conclusion.

Knowledge Packs

Manual Pack

Standards & checklists

Program Pack

Scope & timeline

Criteria Pack

Assertions & thresholds

Scope Pack

Boundaries & sampling

6-Agent Pipeline
Evidence CollectorGatherFinding AnalystEvaluateRisk AssessorScoreReport DrafterDraftQuality ReviewerVerifyTrace AuditorSeal
4-Stage Responsibility Gates
Schema GatePre-Alignment GateExecution GatePost-Audit Gate
Audit Artifacts
Finding ReportEvidence BundleRisk MatrixAudit Trail
Immutable Trace

Every judgment → Evidence snapshot → Hash-linked trace → Full reproducibility

Packs define. Agents execute. Gates enforce. Evidence proves.

Audit Deep Dive / Agent Teams

6-Agent Parallel Architecture

3 teams work in parallel. Each agent produces an independent output. All outputs converge at the audit gate.

Collection Team1 agent

Parallel evidence gathering

Evidence Collector
Gather & hash evidence
Evidence Bundle
Analysis Team3 agents

Parallel evaluation & drafting

Finding Analyst
Apply criteria & classify
Finding Draft
Risk Assessor
Score materiality & impact
Risk Matrix
Report Drafter
Generate cited report
Audit Report
Verification Team2 agents

Parallel quality & trace

Quality Reviewer
Verify coverage & consistency
Quality Seal
Trace Auditor
Validate reproducibility
Trace Certificate
Audit Gate Convergence
All 6 outputs validated, hash-linked, merged into unified finding
Unified Audit Package
Evidence + Finding + Risk + Trace = Immutable audit record
3
Parallel Teams
6
Total Agents
6
Independent Outputs
1
Convergence Points

Parallel execution. Independent judgment. Converged evidence. Single audit gate.

Audit Deep Dive / Lifecycle Engine

4-Phase Audit Lifecycle

Same 4 phases every auditor knows. Now with agents, packs, and gates that make every decision traceable by default.

01
Planning
Traditional

Manual scope definition, risk assessment meetings

MARIA OS

Scope Agent + Scope Pack

Schema Gate validates audit structure

02
Fieldwork
Traditional

Manual evidence collection and testing

MARIA OS

Evidence Collector + Criteria Pack

Execution Gate records all actions

03
Reporting
Traditional

Manual finding drafting and review

MARIA OS

Report Drafter + Finding Analyst

Post-Audit Gate verifies output

04
Follow-up
Traditional

Manual trace verification

MARIA OS

Trace Auditor + Quality Reviewer

Reproducibility verification

Same 4 phases. Zero ambiguity about who decided what.

Audit Deep Dive / Evidence Architecture

Offline Knowledge Pack: 5-Layer Evidence Structure

For government and financial institutions. Knowledge structure prioritizing reliability and explainability over speed.

Layer 01Package Metadata Layer

Who created this knowledge, when, and for what scope

package_idmunicipal-compliance-jp
version1.0.0
scopeLocal Gov Internal Affairs
time_basisAs of April 2025

Distinguishes official government views from operational practices

By separating knowledge origin from interpreter, we ensure audit accountability.

Audit Deep Dive / Gate Policy

Gate Policy: Pre / Decision / Post

In finance, mistakes cause immediate incidents and retroactive fixes are impossible. Knowledge alone is insufficient; Gate Policy integration is essential.

Pre-GateInput Validation

Block before AI touches it

Financial product classification unknown
Immediate Block
Customer attributes undetermined
Immediate Block
Legal basis insufficient
Immediate Block
No matching Evidence in offline knowledge
Immediate Block

Point:If stopped here, AI is never involved at all

Offline Knowledge Referenced by Gate Policy

Knowledge Pack Version
Evidence Presence
Interpretation Risk Rating
Expiration Date

Outdated knowledge, weak basis, high risk → Gate closes

Using AI, but not delegating to AI.

Audit Deep Dive / Risk Level Gates

Risk Level Gate Definition: Level 0-3

Risk levels are defined by responsibility and impact scope, not technical risk. Gates determine where to stop, not accuracy.

Level 0Information Reference
Legal text searchInternal policy lookupTerm definition
Open
Decision MakerHuman
AI RoleSearch & Present Only
Pre-GateKnowledge Pack Verification
Decision-GateAlways Open
Post-GateNo Output Restrictions
Human ReviewNot Required

Point:AI makes no judgments. Digital replacement for paper law books.

Rules Common to All Levels

Immediate block if offline knowledge does not exist
Online information cannot be treated as Evidence
Knowledge pack version is locked in decision log
Decisions that cannot be reproduced later are prohibited

In financial audits, the question is not whether you use AI, but how you stop AI.

Audit Deep Dive / Trace Chain

Immutable Trace Chain

Every judgment carries the hash of its evidence. Tamper with one, break them all.

TC-001Schema Validation
Evidence Collector
a3f7...c2d1
prev:0000...0000
T+0:00:12
TC-002Criteria Match
Finding Analyst
b8e2...d4f5
prev:a3f7...c2d1
T+0:01:34
TC-003Risk Assessment
Risk Assessor
c1d4...e7a2
prev:b8e2...d4f5
T+0:02:18
TC-004Report Draft
Report Drafter
d5f8...a3b6
prev:c1d4...e7a2
T+0:03:45
TC-005Quality Seal
Trace Auditor
e9c2...f1d8
prev:d5f8...a3b6
T+0:04:02
How It Works
Immutable RecordEach block captures agent, action, and evidence hash at execution time.
Hash LinkingEvery block references the hash of the previous block, creating a chain.
Tamper DetectionIf any hash changes, the chain breaks and the audit is invalidated.
Full ReproducibilityAny auditor can re-run the chain and get the same result.
Tamper Detection

If any evidence hash changes after the fact, the subsequent chain breaks. The system flags exactly which block was altered and freezes the audit for human review.

Chain integrity verified at every gate transition

Every judgment carries the hash of its evidence. Tamper with one, break them all.

Audit Deep Dive / Finding Classification

Finding Classification Engine

Severity is not opinion. It is the output of evidence meeting criteria through gates.

Level 1Observation
Informational
Required Evidence1 source
Gate ApprovalAuto-approve
EscalationNone
Response SLAN/A
CriteriaNo control deficiency. Informational note for management awareness.
ExampleMinor documentation gap with no operational impact

Point:Higher severity demands more evidence, stricter gates, and faster response. The system enforces this automatically.

Classification is not opinion. It is the output of evidence meeting criteria through gates.

Audit Deep Dive / Sampling & Materiality

Sampling & Materiality Engine

Scope is a function of materiality and risk, not opinion.

Materiality Thresholds
Revenue %0.5% – 2%
Typical1%
Basis:Total Revenue
Total Assets %0.25% – 1%
Typical0.5%
Basis:Total Assets
BlendedWeighted avg
TypicalCustom
Basis:Multi-metric
Sampling Strategy
Statistical

Random selection with confidence interval

Gate Constraint: Scope Pack defines population, Schema Gate validates sample size
Judgmental

Risk-based selection by analyst

Gate Constraint: Human gate required, rationale recorded in trace
Haphazard

Convenience selection for low-risk areas

Gate Constraint: Only permitted for L0 risk level items
Population
Sample
Coverage

The boundary of audit is not opinion. It is a function of materiality and risk.

Audit Deep Dive / Compliance Mapping

Compliance Framework Mapping

One architecture. Every standard.

Schema Gate

Structural validation before execution

Evidence Layer

Raw source preservation with zero interpretation

Trace Chain

Immutable hash-linked audit trail

Gate Policy

Pre/Decision/Post gate enforcement

Finding Engine

Severity classification with evidence requirements

Reproducibility

Deterministic replay verification

SOX / J-SOXUS / Japan6/6 components

Internal control over financial reporting

One architecture. Every standard. Pack determines compliance, not platform.

Audit Deep Dive / Reproducibility

Reproducibility Guarantee

Same input. Same judgment. Every time.

1
Run 1
AgentFinding Analyst v2.1
PackCriteria Pack v1.0.0
Evidence SetEV-SET-2026-0215
FindingFinding-X (Revenue Recognition Timing)
Output Hashe7a3f2...b1c9d0
Delta: 0100% Match
2
Run 2
AgentFinding Analyst v2.1
PackCriteria Pack v1.0.0
Evidence SetEV-SET-2026-0215
FindingFinding-X (Revenue Recognition Timing)
Output Hashe7a3f2...b1c9d0
01

Input Lock

Evidence + Pack version frozen at engagement start

02

Execution Lock

Agent behavior deterministic within gate constraints

03

Output Lock

Finding hash matches across replays

If you cannot reproduce the judgment, you cannot audit it.

Audit Deep Dive / Multi-Universe Orchestration

Cross-Universe Audit Orchestration

Audit is the meta-layer that verifies all universes

Sales Universe

Revenue recognition, deal approval traces

Evidence CollectorFinding Analyst
Read-only access to Sales pipeline state
FAQ Universe

Response accuracy, knowledge freshness

Quality ReviewerTrace Auditor
Cannot modify FAQ content or routing

Hub

Audit Universe

CPA Universe

Regulatory compliance, calculation verification

Risk AssessorEvidence Collector
Cannot alter tax calculations
Auto-Dev Universe

Code quality, deployment approval traces

Trace AuditorFinding Analyst
Cannot modify codebase or CI/CD

Audit agents have read-only access. They observe and verify. They cannot modify target universe state.

Audit is not a universe. It is the meta-layer that verifies all universes.

Audit Deep Dive / Quality Metrics

Audit Architecture Effectiveness

Structural guarantees, not aspirations

Trace Completeness

100%

All decisions have evidence chain

Gate Coverage

4/4

All gates active

Finding Accuracy

98.7%

Validated by quality reviewer

Reproducibility

100%

Replay verified

Evidence Integrity

SHA-256

Cryptographic verification

Pack Freshness

14 days

Last pack update

Universe Coverage

4/4

All universes auditable

Compliance Mapping

5/5

All standards mapped

These are not aspirations. They are structural guarantees.