Procurement
Lynx RFP - FOIP Audit Log
Immutable, hash-chained audit trail for public-procurement compliance and FOIP export.
lynx_rfp_audit
· v19.0.1.0.0
What this solves
Lynx RFP - FOIP Audit Log
Tamper-evident, hash-chained audit trail for every public-tender event - state changes, bid submissions, document downloads - so issuers stand behind a Canadian FOIP request without database forensics.
Public procurement audits and FOIP requests demand a verifiable record of who did what, when, and on which tender. Standard chatter is editable; an issuer cannot claim "this is exactly what happened" from logs that anyone with admin access can rewrite. This module makes the audit log append-only at the model level and chains every row by SHA-256, so tampering breaks the chain and verification scans catch it.
Key Features
Append-only model - write() and unlink() are blocked at the ORM level on the audit log.
Hash-chained rows - each entry stores SHA-256 of the previous hash plus current content; tampering breaks every downstream hash.
Verification action - admin can replay the chain on demand and report the first broken row.
Comprehensive coverage - tender state transitions (confirm, evaluation start, envelope opening, award, revoke), bid submissions, and document downloads all log.
JSON details - free-form details field captures the full diff or context per event without locking the schema.
FOIP export wizard - produces a PDF + JSON dump of an entire tender's audit trail for FOIP responses.
Read-only access - only buyer managers and the system user can read the log; nobody can modify it through the ORM.
Integrates With
lynx_rfp - the issuer-side tender engine being audited.
Depends on
Try Lynx RFP - FOIP Audit Log on your team.
Free trial, no credit card. Talk to sales when you're ready.