mahi/Goa-gel-fullstack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Rebuild documentation as enterprise-grade TLAS platform

Browse Source 
- Migrate from custom HTTP server to VitePress framework
- Rename project to Tokenized License Approval System (TLAS)
- Add comprehensive documentation for all stakeholders:
  - Business: Executive summary, value proposition, governance
  - Operations: Infrastructure, installation, monitoring, backup
  - Departments: User guide, workflows, verification, issuance
  - Developers: API reference, authentication, webhooks, SDKs
  - Compliance: OWASP, DPDP Act, IT Act, audit framework
- Add modern theme with dark mode and full-text search
- Update Dockerfile for VitePress build process

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Mahi
2026-02-10 00:05:20 -04:00
parent 4a5bf16827
commit 435889ee79
65 changed files with 6324 additions and 8342 deletions
Download Patch File Download Diff File Expand all files Collapse all files

86
Documentation/compliance/audit.md Normal file
View File

@@ -0,0 +1,86 @@
# Audit Framework
## Audit Logging
### What is Logged
| Event Type | Details Captured |
|------------|------------------|
| Authentication | User ID, timestamp, IP, success/failure |
| Application Actions | User, action, application ID, before/after state |
| Document Access | User, document ID, action (view/download) |
| Configuration Changes | User, setting, old value, new value |
| System Events | Service, event type, severity |
### Log Format
```json
{
"timestamp": "2026-02-09T10:30:00.000Z",
"eventType": "APPLICATION_APPROVED",
"userId": "DEPT-OFFICER-001",
"sessionId": "sess_abc123",
"ipAddress": "10.0.1.50",
"resource": {
"type": "APPLICATION",
"id": "APP-2026-00001"
},
"action": "APPROVE",
"previousState": "IN_REVIEW",
"newState": "APPROVED",
"metadata": {
"stage": "SUPERVISOR_APPROVAL",
"notes": "Documents verified"
}
}
```
### Log Retention
| Log Type | Retention Period |
|----------|------------------|
| Security events | 7 years |
| Application actions | 7 years |
| System logs | 1 year |
| Debug logs | 30 days |
## Audit Reports
### Standard Reports
| Report | Frequency | Recipients |
|--------|-----------|------------|
| Login Activity | Daily | Security team |
| Application Processing | Weekly | Department heads |
| SLA Compliance | Weekly | Management |
| System Health | Daily | IT operations |
### On-Demand Reports
Available through Admin Console:
- User activity by date range
- Application history
- Document access log
- Configuration change history
## Compliance Audits
### Internal Audits
- Quarterly access review
- Annual security assessment
- Monthly SLA review
### External Audits
- Annual third-party security audit
- Regulatory compliance review as required
- Blockchain transaction verification
## Tamper Detection
Audit logs are protected by:
- Append-only storage
- Cryptographic hash chaining
- Separate log storage from application database
- Real-time replication to secure archive