PDPolicyDesk
Demo mode
Active role: Admin

Audit evidence packet

Financial controls

Owner: Marcus Sterling · State: Attestation open · Current version: v2

Generated for: Northstar Logistics Holdings · Prepared by: Riley Quintero (admin)

Policy code
POL-2008
Printed May 17, 2026
Vendor Onboarding & Risk

Policy

Authoritative metadata for POL-2008. This packet certifies that the policy is currently active, that the current version is v2, and that the attestation roster below reflects the state of compliance as of the printing date. Auditors should verify the publication date matches the reviewer-chain decision dates and that the attestation IP / timestamp pairs are consistent with the audit log.

Code
POL-2008
Title
Vendor Onboarding & Risk
Category
Financial controls
State
Attestation open
Effective
Feb 5, 2026
Next review
Feb 5, 2027
Expires
Feb 5, 2027
Substantive flag
Cosmetic only
AI summary (current version)
AI summary: Vendor Onboarding & Risk v2 — covers financial controls with updates to previous version. Recommended attestation cycle: annual.
Audience(s)
No assignment rules.
Show current version body
# Vendor Onboarding & Risk (v2)

Northstar Logistics Holdings — Financial controls category.

## Purpose

This is version 2 of Vendor Onboarding & Risk.

Version history

Every version of POL-2008 with author, publication date, and substantive-change classification. Earlier versions are retired when a new one publishes. The substantive-change column reflects the AI classifier's decision on whether the change introduced new obligations (substantive) or only clarifications (cosmetic).

VersionStateAuthorPublishedRetiredSubstantive
v2Attestation openMarcus SterlingFeb 5, 2026Cosmetic
v1RetiredMarcus SterlingMar 17, 2026Mar 17, 2026Cosmetic

Attestation coverage

0 of 0 assigned employees have attested to POL-2008 version v2, for an overall coverage of 0%. No attestations are overdue. The roster below shows the most recent 25 entries; the full roster is exportable to CSV via the audit-bundle Export action on the policy detail page.

Total assigned
0
Attested
0
Overdue
0
Pending
0

Coverage by team

    Attestation roster (sample)

    EmployeeCodeTeamCountryStateAssignedDueAttested atIP

    Roster shows first 25 of 0 attestations. Full roster: see policy detail page → Export audit bundle (CSV).

    Review chain

    Reviewer steps and their decisions for the current version of POL-2008. Restricted-category policies (e.g. Information Security, Privacy & Data Handling) require Legal + Security reviewer approvals in addition to SME before executive sign-off; this packet records the reviewer type, identity, decision, comment, and decision timestamp for each step. The Executive approval entry at the bottom records the executive_approver's final sign-off before publication.

    OrderReviewer typeReviewerStateDecisionCommentDecided at
    No review steps recorded for this policy.
    Executive approvalHank Mendez (executive_approver)ApprovedApprovedFinal sign-off before publication.Feb 5, 2026

    Auditor sign-off

    This packet is exportable to PDF + CSV for delivery to SOC 2, ISO 27001, or SOX auditors. Sign and retain as evidence of policy publication, reviewer chain, and attestation coverage for POL-2008. Audit retention period: 7 years.

    Compliance officer
    Diego Ortega · sign / date
    Internal auditor
    Janelle Wu · sign / date
    Executive sponsor
    Hank Mendez · sign / date
    PolicyDesk · Northstar Logistics Holdings · POL-2008 · printed May 17, 2026 5:49 AM · retain as audit evidence for 7 years per records-retention policy.