AIM
Architectural Insight for Modernization

AI Audit & Decision Provenance
Every AI-assisted recommendation AIM produces is cryptographically sealed and independently verifiable — without requiring an account.
Every serious modernization decision needs to be defensible. A federal contracting officer, a hospital CFO, a state CIO, a bank’s CRO, and a commercial board all have to answer the same question before they sign: where did this number come from, and can the process be reproduced? “The AI said so” is not an acceptable answer in any of those rooms.
AIM is the pre-decision intelligence layer. The audit-ready record is built at the moment the modernization decision is being made — not retrofitted after a platform has been chosen. Decision Provenance is a property of the decision itself, independent of whatever execution runtime ultimately delivers the work.
1. The Accountability Gap in AI-Generated Procurement Documents
As AI tools become standard in government and enterprise planning, one question follows every output: “How do we know this wasn’t tampered with?”
FAR 7.105
Requires acquisition plans to document the basis for technology and cost decisions — a post-hoc AI explanation does not satisfy this.
OMB Circular A-11
Mandates traceable, methodology-cited cost estimates. "The AI said so" is not a valid basis of estimate.
EU AI Act & emerging AI governance
High-risk AI systems must maintain logs enabling post-hoc auditability, with traceability and technical documentation requirements that continue to expand. AIM's architecture was designed for the direction AI governance is clearly moving: traceability, defensibility, and audit-ready records.
AIM fills this gap with a verifiable audit trail that travels with every exported document — one that any auditor, contracting officer, or review board can independently confirm.
2. What Is a Decision Provenance Record?
Every time AIM runs its scoring engine and produces recommendations, it creates a Decision Provenance Record — a sealed, immutable document that captures the full context of that AI-assisted decision.
What the record captures
Immutability guarantee: Decision Provenance Records are written to an append-only database table protected by triggers that reject all UPDATE and DELETE operations at the database level. Once sealed, a record cannot be altered — not by platform administrators, not by anyone.
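The trigger mechanism described above can be shown in miniature. This is an added example, not AIM's schema or code: it uses an in-memory SQLite database as a stand-in, keeps the decision_runs table name from this page, and assumes the column names.

```python
import sqlite3

# Constructed schema: column names are assumptions, not AIM's.
SCHEMA = """
CREATE TABLE decision_runs (
    run_id      TEXT PRIMARY KEY,
    input_hash  TEXT NOT NULL,
    output_hash TEXT NOT NULL,
    sealed_at   TEXT NOT NULL
);
CREATE TRIGGER decision_runs_no_update
BEFORE UPDATE ON decision_runs
BEGIN
    SELECT RAISE(ABORT, 'decision_runs is append-only: UPDATE rejected');
END;
CREATE TRIGGER decision_runs_no_delete
BEFORE DELETE ON decision_runs
BEGIN
    SELECT RAISE(ABORT, 'decision_runs is append-only: DELETE rejected');
END;
"""

def open_ledger():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def attempt(conn, sql, params=()):
    """Run one statement; return 'ok' or the database's rejection message."""
    try:
        with conn:  # commits on success, rolls back on error
            conn.execute(sql, params)
        return "ok"
    except sqlite3.DatabaseError as exc:
        return str(exc)

def demo():
    conn = open_ledger()
    results = [
        attempt(conn, "INSERT INTO decision_runs VALUES (?,?,?,?)",
                ("run-0001", "aa" * 32, "bb" * 32, "2025-01-01T00:00:00Z")),
        attempt(conn, "UPDATE decision_runs SET output_hash = ? WHERE run_id = ?",
                ("cc" * 32, "run-0001")),
        attempt(conn, "DELETE FROM decision_runs WHERE run_id = ?", ("run-0001",)),
    ]
    stored = conn.execute("SELECT output_hash FROM decision_runs").fetchone()[0]
    return results, stored
```

Triggers guard against UPDATE and DELETE statements only; a role that can drop or disable them bypasses the check, so the role that writes records should hold no DDL rights on the table.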
3. The Three-Layer Audit Architecture
Patent Pending — U.S. Provisional Application No. 64/021,096
A single audit record is not enough. AIM uses three architecturally linked layers so that a document can be traced all the way from the exported PDF back to the exact AI invocation that produced it — with no gaps in the chain of custody.
Platform Audit Log
Every significant platform action — exports, attestations, permission changes, admin operations — is written to a hash-chained, append-only audit log. Each entry cryptographically references the previous one, making it impossible to insert, delete, or reorder records without detection. This layer covers what happened on the platform.
Assessment Field-Change Events
Every change to assessment inputs — system descriptions, constraints, scope, compliance requirements — is logged as an immutable event with the field name, old value, new value, timestamp, and user. This layer answers: what were the assessment inputs at the exact moment of the decision run, and what changed before or after?
AI Decision Sealing
At the moment the scoring engine executes, AIM computes SHA-256 hashes of the normalized inputs and the ranked outputs separately. Both hashes are written to the immutable decision_runs table. This layer seals the AI's specific inputs and outputs — independent of the assessment state before or after.
Why three layers matter: Each layer answers a different audit question. Layer 1 confirms the action occurred on the platform. Layer 2 establishes what the inputs were at decision time. Layer 3 seals the AI’s specific output. Together, they allow an auditor to trace a PDF document back to its exact AI invocation — and confirm that nothing was changed along the way.
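A hash-chained log of the kind described for the Platform Audit Log layer, as an added example that is not AIM's implementation. The entry layout, the all-zero genesis value, and the externally recorded head hash are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed sentinel used as the first entry's prev hash

def entry_hash(prev_hash, seq, event):
    """Hash the entry body together with the previous entry's hash."""
    body = json.dumps({"prev": prev_hash, "seq": seq, "event": event},
                      sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode("utf-8")).hexdigest()

def append(log, event):
    prev = log[-1]["hash"] if log else GENESIS
    seq = len(log)
    log.append({"seq": seq, "prev": prev, "event": event,
                "hash": entry_hash(prev, seq, event)})
    return log

def verify_chain(log, expected_head=None):
    """Return (True, None), or (False, index of the first bad entry).

    expected_head is a head hash recorded outside the log (an assumption
    here); without it, removing entries from the tail is not detectable.
    """
    prev = GENESIS
    for i, e in enumerate(log):
        if e["seq"] != i or e["prev"] != prev:
            return False, i  # inserted, deleted or reordered entry
        if entry_hash(e["prev"], e["seq"], e["event"]) != e["hash"]:
            return False, i  # entry content was modified
        prev = e["hash"]
    if expected_head is not None and prev != expected_head:
        return False, len(log)  # chain is consistent but ends in the wrong place
    return True, None

def build_sample():
    # Constructed sample events, not real AIM audit entries.
    log = []
    for ev in ({"action": "export", "user": "alice"},
               {"action": "permission_change", "user": "bob"},
               {"action": "attestation", "user": "carol"}):
        append(log, ev)
    return log
```

Recording the head hash somewhere the log writer cannot modify is what lets a verifier catch tail truncation or a chain rebuilt from scratch.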
4. Who Decision Provenance Serves
Different sectors call them by different names — but every approving authority needs the same thing: a defensible record of how a recommendation was produced and what it costs to own.
Federal Contracting Officers & Inspectors General
A Decision Provenance Record gives the Contracting Officer (KO) documented evidence that a technology recommendation came from a vendor-neutral, methodology-cited, reproducible process — supporting FAR 7.105 acquisition planning and OMB A-11 cost-estimate documentation. The public verification link lets any IG or auditor — without an AIM account — confirm the cryptographic hashes match the exported PDF.
Hospital CFOs & Healthcare Boards
Capital approval committees need a defensible TCO and risk record before signing off on a system replacement or major modernization. The Decision Provenance Record carries the methodology version, scoring inputs, and cost basis directly into the capital request — and can be reproduced months later if the decision is questioned.
State & Local CIOs and CFOs
Budget appropriation, council approval, and inter-agency review all require a documented basis for the request. A Decision Provenance Record satisfies state procurement-rule documentation requirements without the cost of an outside consultant's engagement letter and final report.
Bank, Insurance & Regulated Industry CROs
When SOX, PCI-DSS, GLBA, or model-risk-management auditors ask how a technology decision was made, the Decision Provenance Record produces a cryptographically sealed, methodology-cited answer — including the constraint inputs, the scoring methodology version, and the catalog fingerprint at decision time.
Program Managers & Commercial CTOs
Every recommendation AIM has ever produced for your organization is permanently recorded with its methodology version, catalog fingerprint, and decision timestamp. Years later, leadership turnover, M&A, or post-mortem reviews can reconstruct exactly what was known and recommended at any prior decision point — a longitudinal record commercial enterprises rarely have access to.
Defense Contractors & Implementation Partners (B&P)
When AIM is used to support a proposal, the Decision Provenance Record provides documented evidence that cost estimates and technology selections were derived from a traceable, methodology-cited process — strengthening technical volume credibility and reducing the risk of post-award protest.
5. Verify a Decision Provenance Record
If you have received an AIM Decision Provenance Record PDF, you can confirm its authenticity without an AIM account. The public verification portal looks up the Run ID in the immutable audit ledger and displays the stored cryptographic hashes — so you can compare them directly against the values printed on your PDF.
Have a Decision Provenance Record PDF?
Enter the Run ID from the cover page of your PDF to confirm it exists in the AIM immutable audit ledger and compare the stored cryptographic hashes. No account required.
Verify a Record at aim.freedomproject.ai/verify
Public portal — no login, no account, no data submission required. Enter only the Run ID (a UUID from your PDF cover page).
What a successful verification confirms:
- The Run ID exists in the AIM append-only audit ledger — it cannot be fabricated.
- The Input Hash and Output Hash displayed on the portal match those printed on your PDF — confirming the document has not been altered since export.
- The methodology version, catalog fingerprint, and decision timestamp are exactly as recorded at the time of the run.
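The comparison an auditor performs, extended to re-computing the Layer 3 hashes from the run's inputs and outputs, as an added example that is not AIM's code. The page does not give AIM's normalization spec, so the normalization here (NFC strings, sorted keys, compact UTF-8 JSON) and all field names are assumptions.

```python
import hashlib
import json
import unicodedata

def normalize(value):
    """Assumed normalization: NFC strings, sorted keys, compact UTF-8 JSON."""
    def nfc(v):
        if isinstance(v, str):
            return unicodedata.normalize("NFC", v)
        if isinstance(v, dict):
            return {nfc(k): nfc(x) for k, x in v.items()}
        if isinstance(v, list):
            return [nfc(x) for x in v]
        return v
    return json.dumps(nfc(value), sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")

def seal(inputs, outputs):
    """Hash inputs and outputs separately, as the sealing layer describes."""
    return {"input_hash": hashlib.sha256(normalize(inputs)).hexdigest(),
            "output_hash": hashlib.sha256(normalize(outputs)).hexdigest()}

def verify(inputs, outputs, ledger_record, pdf_record):
    """Return the list of checks that fail; an empty list means verified."""
    recomputed = seal(inputs, outputs)
    failures = []
    for field in ("input_hash", "output_hash"):
        ledger = ledger_record[field].strip().lower()
        if pdf_record[field].strip().lower() != ledger:
            failures.append(field + ": PDF differs from ledger")
        if recomputed[field] != ledger:
            failures.append(field + ": recomputed value differs from ledger")
    return failures

# Constructed sample run; field names and values are illustrative.
INPUTS = {"scope": "claims system", "constraints": ["FedRAMP", "on-prem"]}
OUTPUTS = [{"rank": 1, "candidate": "A", "score": 0.82},
           {"rank": 2, "candidate": "B", "score": 0.77}]
```

Because the two hashes are computed separately, a failure report identifies whether the inputs or the ranked outputs diverged from what was sealed.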
6. What the Exported PDF Contains
The Decision Provenance Record exports as a structured 9-section PDF designed to be included in a procurement file or handed directly to an auditor or review board.
Cover Page
Run ID, organization, assessment name, decision timestamp, and operator identity.
Record Summary
All run metadata: methodology version, catalog fingerprint, linked report ID, verify URL.
Cryptographic Integrity Chain
Input hash, output hash, hash algorithm, normalization spec, and public verification link.
Methodology & Version Pinning
The exact scoring methodology version and what changed between versions.
Constraint Inputs
Every normalized constraint that shaped the scoring weights at decision time.
Ranked Recommendations
The full ranked output with RAO scores, tier assignments, and dimension breakdowns.
Dimension Scorecards
Per-candidate explainability — what drove each score across all six RAO dimensions.
Warnings & Flags
Any data quality issues, stale pricing flags, or missing input warnings logged at run time.
Verification Instructions
Step-by-step instructions for web verification (no account) and API-based hash re-computation.
7. How to Obtain a Record
Decision Provenance Records are generated automatically for every scoring run within AIM. No special setup or configuration is required.
Complete an assessment
Generate recommendations, reports, or architecture outputs within any assessment. A provenance record is created automatically for each scoring run.
Open the Audit Provenance panel
From your assessment's decision runs list, select any run to view its provenance details.
Export the PDF
Click "Export Provenance Record" to download the full 9-section PDF. The verify link is embedded and clickable.
Share or file
Include the PDF in your procurement file, hand it to your contracting officer, or share it with any auditor who needs to confirm authenticity.
Patent Pending — U.S. Provisional Application No. 64/021,096 · The Freedom Project, LLC