PDPolicyDesk
Demo mode
Active role: Admin

Audit evidence packet

Information security (restricted category)

Owner: Marcus Sterling · State: Attestation open · Current version: v4

Generated for: Northstar Logistics Holdings · Prepared by: Riley Quintero (admin)

Policy code
POL-2018
Printed May 17, 2026
Information Security Policy

Policy

Authoritative metadata for POL-2018. This packet certifies that the policy is currently active, that the current version is v4, and that the attestation roster below reflects the state of compliance as of the printing date. Auditors should verify the publication date matches the reviewer-chain decision dates and that the attestation IP / timestamp pairs are consistent with the audit log.

Code
POL-2018
Title
Information Security Policy
Category
Information security (restricted)
State
Attestation open
Effective
Jun 15, 2025
Next review
Jun 15, 2026
Expires
Jun 15, 2026
Substantive flag
Cosmetic only
AI summary (current version)
AI summary: Information Security Policy v4 — covers information security with updates to previous version. Recommended attestation cycle: annual.
Audience(s)
All employees (all)
Show current version body
# Information Security Policy (v4)

Northstar Logistics Holdings — Information security category.

## Purpose

This is version 4 of Information Security Policy. Annual review approaching — expires in ~30 days.

Version history

Every version of POL-2018 with author, publication date, and substantive-change classification. Earlier versions are retired when a new one publishes. The substantive-change column reflects the AI classifier's decision on whether the change introduced new obligations (substantive) or only clarifications (cosmetic).

VersionStateAuthorPublishedRetiredSubstantive
v4Attestation openMarcus SterlingJun 15, 2025Cosmetic
v3RetiredMarcus SterlingMar 17, 2026Mar 17, 2026Cosmetic
v2RetiredMarcus SterlingFeb 15, 2026Feb 15, 2026Cosmetic
v1RetiredMarcus SterlingJan 16, 2026Jan 16, 2026Cosmetic

Attestation coverage

84 of 92 assigned employees have attested to POL-2018 version v4, for an overall coverage of 91%. No attestations are overdue. The roster below shows the most recent 25 entries; the full roster is exportable to CSV via the audit-bundle Export action on the policy detail page.

Total assigned
92
Attested
84
Overdue
0
Pending
8

Coverage by team

  • Operations — Dallas10/1191%
  • Operations — Long Beach10/1191%
  • Operations — Newark10/10100%
  • Engineering9/1090%
  • Finance9/1090%
  • HR & People Ops9/1090%
  • Information Security9/1090%
  • EU Operations — Rotterdam9/1090%
  • EU Operations — Hamburg9/1090%

Attestation roster (sample)

EmployeeCodeTeamCountryStateAssignedDueAttested atIP
Sarah BeckEMP-1000Operations — DallasUSAttestedJun 15, 2025Jul 15, 2025Jun 20, 2025 6:38 PM10.0.0.0
Diego OrtegaEMP-1001Operations — Long BeachUSAttestedJun 15, 2025Jul 15, 2025Jun 21, 2025 6:38 PM10.0.1.3
Janet LiuEMP-1002Operations — NewarkUSAttestedJun 15, 2025Jul 15, 2025Jun 22, 2025 6:38 PM10.0.2.6
Carlos MendezEMP-1003EngineeringUSAttestedJun 15, 2025Jul 15, 2025Jun 23, 2025 6:38 PM10.0.3.9
Priya ShahEMP-1004FinanceUSAttestedJun 15, 2025Jul 15, 2025Jun 24, 2025 6:38 PM10.0.4.12
Ahmed RahimiEMP-1005HR & People OpsUSAttestedJun 15, 2025Jul 15, 2025Jun 25, 2025 6:38 PM10.0.5.15
Olivia BeckerEMP-1006Information SecurityUSAttestedJun 15, 2025Jul 15, 2025Jun 26, 2025 6:38 PM10.0.6.18
David ChenEMP-1007EU Operations — RotterdamNLAttestedJun 15, 2025Jul 15, 2025Jun 27, 2025 6:38 PM10.0.7.21
Ruby WilliamsEMP-1008EU Operations — HamburgDEAttestedJun 15, 2025Jul 15, 2025Jun 28, 2025 6:38 PM10.0.8.24
Mateo SilvaEMP-1009Operations — DallasUSAttestedJun 15, 2025Jul 15, 2025Jun 29, 2025 6:38 PM10.0.9.27
Anna KowalskiEMP-1010Operations — Long BeachUSAttestedJun 15, 2025Jul 15, 2025Jun 30, 2025 6:38 PM10.0.10.30
Liam O'BrienEMP-1011Operations — NewarkUSAttestedJun 15, 2025Jul 15, 2025Jul 1, 2025 6:38 PM10.0.11.33
Emma JohanssonEMP-1012EngineeringUSAttestedJun 15, 2025Jul 15, 2025Jul 2, 2025 6:38 PM10.0.12.36
Noah SchmidtEMP-1013FinanceUSAttestedJun 15, 2025Jul 15, 2025Jul 3, 2025 6:38 PM10.0.13.39
Sofia RossiEMP-1014HR & People OpsUSAttestedJun 15, 2025Jul 15, 2025Jul 4, 2025 6:38 PM10.0.14.42
Ethan ParkEMP-1015Information SecurityUSAttestedJun 15, 2025Jul 15, 2025Jul 5, 2025 6:38 PM10.0.15.45
Maya PatelEMP-1016EU Operations — RotterdamNLAttestedJun 15, 2025Jul 15, 2025Jul 6, 2025 6:38 PM10.0.16.48
Owen MurphyEMP-1017EU Operations — HamburgDEAttestedJun 15, 2025Jul 15, 2025Jul 7, 2025 6:38 PM10.0.17.51
Lily TranEMP-1018Operations — DallasUSAttestedJun 15, 2025Jul 15, 2025Jul 8, 2025 6:38 PM10.0.18.54
Caleb NakamuraEMP-1019Operations — Long BeachUSAttestedJun 15, 2025Jul 15, 2025Jul 9, 2025 6:38 PM10.0.19.57
Isabella RomanoEMP-1020Operations — NewarkUSAttestedJun 15, 2025Jul 15, 2025Jun 20, 2025 6:38 PM10.0.20.60
Lucas AndersenEMP-1021EngineeringUSAttestedJun 15, 2025Jul 15, 2025Jun 21, 2025 6:38 PM10.0.21.63
Mia FerreiraEMP-1022FinanceUSAttestedJun 15, 2025Jul 15, 2025Jun 22, 2025 6:38 PM10.0.22.66
Henry LindqvistEMP-1023HR & People OpsUSAttestedJun 15, 2025Jul 15, 2025Jun 23, 2025 6:38 PM10.0.23.69
Ava GoldbergEMP-1024Information SecurityUSAttestedJun 15, 2025Jul 15, 2025Jun 24, 2025 6:38 PM10.0.24.72

Roster shows first 25 of 92 attestations. Full roster: see policy detail page → Export audit bundle (CSV).

Review chain

Reviewer steps and their decisions for the current version of POL-2018. Restricted-category policies (e.g. Information Security, Privacy & Data Handling) require Legal + Security reviewer approvals in addition to SME before executive sign-off; this packet records the reviewer type, identity, decision, comment, and decision timestamp for each step. The Executive approval entry at the bottom records the executive_approver's final sign-off before publication.

OrderReviewer typeReviewerStateDecisionCommentDecided at
No review steps recorded for this policy.
Executive approvalHank Mendez (executive_approver)ApprovedApprovedFinal sign-off before publication.Jun 15, 2025

Auditor sign-off

This packet is exportable to PDF + CSV for delivery to SOC 2, ISO 27001, or SOX auditors. Sign and retain as evidence of policy publication, reviewer chain, and attestation coverage for POL-2018. Audit retention period: 7 years.

Compliance officer
Diego Ortega · sign / date
Internal auditor
Janelle Wu · sign / date
Executive sponsor
Hank Mendez · sign / date
PolicyDesk · Northstar Logistics Holdings · POL-2018 · printed May 17, 2026 5:49 AM · retain as audit evidence for 7 years per records-retention policy.