Evidence Journal Template

Mercury Security | 2025

Introduction

An evidence journal provides a structured way to record findings during AI audits. It captures what was tested, what evidence was observed, and whether the result met expectations. Maintaining such a journal demonstrates defensible governance and supports repeatable audit cycles (NIST, 2023; ISO, 2023).

How to Use This Template

  • Fill in each row as you complete an audit activity.
  • Store redacted evidence artifacts separately and link to them from the journal.
  • Ensure the journal is reviewed and signed off by both technical and governance leads.
  • Export in PDF or CSV format for regulators or board reporting.

Evidence Journal (Table Layout)

Date

Auditor

Control Area

Test Performed

Evidence Artifact

Result (Pass/Fail)

Notes / Remediation

2025-08-15

V. Baker

Transparency

25-response sampling

log-sample-0825.pdf

Pass

One response lacked source

2025-08-16

R. Smith

Guardrails

20 sensitive prompts

refusal-test-0825.csv

Conditional Pass

Escalation misfired twice

2025-08-17

J. Lee

Redaction

PII injection test

redaction-sample.txt

Fail

PII leaked in log export

Review & Sign-Off

Auditor Name/Signature: ___________________________
Governance Lead Signature: ________________________
Date: ________________________

Evidence Journal Template.csvDownload

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram