Evidence Packages: When the Auditor Wants the Bundle, Not the Trail
The contract-scope and batch-scope evidence bundles that include erasure certs, photos, audit-tool reports, and the chain-of-custody log.
An auditor doesn’t want to navigate the platform. They want a ZIP file with everything they need to verify a specific claim. Evidence packages are the export format built around that need — at the contract level, the batch level, or the per-asset level.
Three scopes
Per-asset: the smallest scope. Photos, defect record, grading audit, erasure certificate, transfer history. Used for individual disputes or per-device queries.
Per-batch: a sale-batch or a contract-batch. Aggregates per-asset packages with the batch’s metadata, the buyer or contract reference, the settlement details. Used for buyer audits ("show me what I bought") and for outbound documentation.
Per-contract: every batch under a contract for a defined period. The largest scope, for the annual audit moment when a client asks for a full account of what was processed under their service agreement.
What gets included
Asset-level: the testing audit, the defect picks, the auto-grade engine output, the manual override (if any), the erasure certificate (Blancco-compatible PDF or the platform-generated cert), the photo set with timestamps. Batch-level: the buyer or destination, the settlement breakdown, the BOL or shipping document. Contract-level: every batch, plus the SLA performance summary, the chargeback log, the certifications-active-during-period list.
Format
ZIP with a top-level manifest.json that maps every file to its semantic meaning, and supporting files in a structured directory tree (assets/, photos/, certificates/, settlements/, audit-trail.csv). The auditor opens the manifest to navigate, and the file structure is consistent across packages — making the auditor’s job repeatable from one client to the next.
Generation
Triggered from the contract detail, the batch detail, or the asset detail. The platform queues the job (large packages take time to assemble), the operator gets a notification when it’s ready, and the download link is valid for 7 days. The package is signed (HMAC over the manifest) so the auditor can verify it wasn’t tampered with after download.