> ## Documentation Index
> Fetch the complete documentation index at: https://docs.anomalyarmor.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Compliance Monitoring

> Track data lineage and changes for audit and compliance requirements

<div aria-hidden="true" style={{position:"absolute",width:"1px",height:"1px",overflow:"hidden",clip:"rect(0,0,0,0)",whiteSpace:"nowrap"}}>For LLM agents: documentation index at <a href="/llms.txt" tabIndex={-1}>/llms.txt</a>, full text at <a href="/llms-full.txt" tabIndex={-1}>/llms-full.txt</a>. Append .md to any page URL for plain markdown.</div>
**Audience**: Data Governance, Compliance Teams, DPOs

Regulatory frameworks like GDPR, SOX, HIPAA, and industry standards require organizations to demonstrate control over their data. AnomalyArmor provides the audit trails and change documentation needed for compliance.

## Compliance Use Cases

| Requirement              | How AnomalyArmor Helps             |
| ------------------------ | ---------------------------------- |
| **Data Lineage**         | Track what data exists and where   |
| **Change Management**    | Document all schema modifications  |
| **Audit Trails**         | Immutable logs of detected changes |
| **Access Documentation** | Record what AnomalyArmor can see   |
| **Data Classification**  | Tag PII and sensitive data         |

## Schema Change Documentation

### Automatic Change History

Every schema change is automatically recorded:

```
Schema History: customers table
────────────────────────────────

2024-01-15 08:00:00 UTC
Change: Column removed - ssn (varchar)
Detected by: Discovery Run #1234
Details: Column no longer exists in source

2024-01-10 14:30:00 UTC
Change: Column added - gdpr_consent (boolean)
Detected by: Discovery Run #1200
Details: New column discovered

2024-01-05 09:15:00 UTC
Change: Column type changed - email
From: varchar(100)
To: varchar(255)
Detected by: Discovery Run #1150
```

### Accessing Change History

1. Navigate to **Assets**
2. Click on any asset
3. Select **Schema History** tab
4. Filter by date range
5. Export for auditors

### Exporting for Audits

Export schema change history:

1. Go to **Assets → \[Asset] → Schema History**
2. Click **Export**
3. Select format: CSV, JSON, or PDF
4. Choose date range
5. Download

The export includes:

* Asset name and location
* Change type and details
* Detection timestamp
* Discovery run ID
* Before/after values

## Data Classification

### Tagging Sensitive Data

Identify and tag PII and sensitive columns:

1. Navigate to an asset
2. Click **Classification** tab
3. Select columns to classify
4. Apply tags:
   * `PII` - Personally Identifiable Information
   * `Financial` - Financial data
   * `Health` - Health/medical data
   * `Confidential` - Internal confidential
   * Create custom tags for your organization's specific requirements

### Classification Alerts

Alert when classified columns change:

| Field              | Value                                                                                 |
| ------------------ | ------------------------------------------------------------------------------------- |
| **Rule**           | PII Column Changes                                                                    |
| **Event**          | Schema Change Detected                                                                |
| **Classification** | PII                                                                                   |
| **Conditions**     | Any change                                                                            |
| **Destinations**   | Email [compliance@company.com](mailto:compliance@company.com), Slack #data-governance |

### Classification Report

Generate a report of all classified data:

1. Go to **Assets**
2. Filter by Classification
3. Export filtered results

Report includes:

* All assets with classified columns
* Classification tags applied
* Column details
* Last change date

## Audit Trail Access

### What's Logged

AnomalyArmor maintains audit logs for:

| Activity              | Logged Details                                       |
| --------------------- | ---------------------------------------------------- |
| Discovery runs        | Start time, end time, assets found, changes detected |
| Schema changes        | Before/after state, detection time                   |
| Configuration changes | Who changed what, when                               |
| User actions          | Login, logout, settings changes                      |
| Alert activity        | Alerts fired, acknowledged, resolved                 |

### Accessing Audit Logs

**In the UI:**

1. Go to **Settings → Audit Log**
2. Filter by date, user, or activity type
3. Export for compliance review

**Via API:**

```bash theme={null}
GET /api/v1/audit-logs
?start_date=2024-01-01
&end_date=2024-01-31
&activity_type=schema_change
```

### Log Retention

| Plan       | Retention Period             |
| ---------- | ---------------------------- |
| Standard   | 90 days                      |
| Enterprise | Configurable (up to 7 years) |

Contact support for extended retention requirements.

## Compliance Frameworks

### GDPR

| GDPR Requirement                     | AnomalyArmor Support                                 |
| ------------------------------------ | ---------------------------------------------------- |
| **Art. 30 - Records of Processing**  | Asset catalog documents data locations               |
| **Art. 32 - Security of Processing** | Change monitoring detects unauthorized modifications |
| **Art. 33 - Breach Notification**    | Alerts can notify of potential data issues           |
| **Art. 17 - Right to Erasure**       | Track when PII columns are removed                   |

**Recommended Setup:**

* Tag all PII columns
* Alert on any PII column changes
* Export monthly PII inventory reports

### SOX

| SOX Requirement                      | AnomalyArmor Support          |
| ------------------------------------ | ----------------------------- |
| **Section 302 - Financial Controls** | Monitor financial data tables |
| **Section 404 - Internal Controls**  | Document all schema changes   |
| **Change Management**                | Audit trail of modifications  |

**Recommended Setup:**

* Monitor all financial data tables
* Alert on any schema changes to financial data
* Weekly export of change reports

### HIPAA

| HIPAA Requirement      | AnomalyArmor Support              |
| ---------------------- | --------------------------------- |
| **Access Controls**    | Document what systems access PHI  |
| **Audit Controls**     | Log all data access and changes   |
| **Integrity Controls** | Detect unauthorized modifications |

**Recommended Setup:**

* Tag all PHI columns
* Alert immediately on PHI changes
* Enable extended audit log retention

## Reporting for Auditors

### Monthly Compliance Report

Generate monthly reports showing:

1. **Asset Inventory**: All monitored tables and columns
2. **Change Summary**: Schema changes in the period
3. **Classification Status**: PII and sensitive data inventory
4. **Alert Summary**: Alerts fired and responses

### Quarterly Review

Prepare for quarterly reviews:

1. Export schema change history for quarter
2. Export classification inventory
3. Export audit logs
4. Document any incidents and responses
5. Review and update classifications

### Annual Audit Package

For annual audits, compile:

* [ ] Complete asset inventory
* [ ] 12 months of schema change history
* [ ] Classification inventory with evidence
* [ ] Audit logs for the year
* [ ] Incident response documentation
* [ ] Evidence of regular monitoring (alert history)

## Alert Rules for Compliance

### PII Monitoring

| Field              | Value                                                                                                                                  |
| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------- |
| **Rule**           | PII Data Changes                                                                                                                       |
| **Event**          | Schema Change Detected                                                                                                                 |
| **Classification** | PII, Personal Data                                                                                                                     |
| **Conditions**     | Any change                                                                                                                             |
| **Destinations**   | Email [dpo@company.com](mailto:dpo@company.com), Email [compliance@company.com](mailto:compliance@company.com), Slack #data-governance |

### Financial Data Monitoring

| Field            | Value                                                                                              |
| ---------------- | -------------------------------------------------------------------------------------------------- |
| **Rule**         | Financial Data Changes                                                                             |
| **Event**        | Schema Change Detected                                                                             |
| **Scope**        | Classification: Financial, OR Assets: *revenue*, *payment*, *transaction*                          |
| **Conditions**   | Any change                                                                                         |
| **Destinations** | Email [finance-compliance@company.com](mailto:finance-compliance@company.com), Slack #finance-data |

### Unauthorized Access Detection

| Field            | Value                                                                             |
| ---------------- | --------------------------------------------------------------------------------- |
| **Rule**         | Discovery Failures                                                                |
| **Event**        | Discovery Failed                                                                  |
| **Scope**        | All data sources                                                                  |
| **Destinations** | Email [security@company.com](mailto:security@company.com), Slack #security-alerts |

<Note>
  Repeated failures may indicate permission changes or unauthorized access attempts.
</Note>

## Best Practices

### Documentation

1. **Tag everything sensitive**: Don't miss PII or financial columns
2. **Regular reviews**: Quarterly review of classifications
3. **Export regularly**: Don't wait for audits to export data

### Monitoring

1. **Alert on all sensitive data changes**: Better to know than miss
2. **Include compliance team on alerts**: They need visibility
3. **Document incident responses**: Keep records of how you responded

### Retention

1. **Extended retention for regulated data**: Match your regulatory requirements
2. **Backup exports**: Keep copies outside AnomalyArmor
3. **Immutable storage**: Use write-once storage for audit exports

## Checklist

For compliance readiness:

* [ ] All databases connected and discovered
* [ ] PII columns identified and tagged
* [ ] Financial data identified and tagged
* [ ] Health data identified and tagged (if applicable)
* [ ] Alert rules for classified data changes
* [ ] Compliance team added to alerts
* [ ] Export schedule established
* [ ] Retention policy configured
* [ ] Audit log access documented

## Common Questions

### How does AnomalyArmor help with GDPR compliance?

AnomalyArmor supports GDPR Articles 30, 32, and 33 by cataloging where personal data lives, tracking every schema change, and alerting on modifications to **PII**-tagged columns. Tag PII columns in the **Classification** tab and create an alert rule that routes any change to your DPO. See the [GDPR table](#gdpr) for the full mapping.

### How long are audit logs retained?

Standard plans retain audit logs for **90 days**. Enterprise plans support configurable retention up to **7 years** to match regulatory requirements like SOX and HIPAA. Contact support if you need extended retention beyond the default.

### Can I export schema change history for an auditor?

Yes. Open the asset's **Schema History** tab, click **Export**, and choose CSV, JSON, or PDF over any date range. The export includes change type, detection timestamp, discovery run ID, and before/after values, which is usually enough to satisfy a SOX or HIPAA change-management review.

### How do I tag PII columns so I get alerted when they change?

In the asset view, open the **Classification** tab, select the columns, and apply the built-in `PII` tag (or a custom tag). Then create an alert rule scoped to that classification with event `Schema Change Detected` and route it to your compliance channel. Repeat for `Financial`, `Health`, or custom classifications.

### Does AnomalyArmor store the actual PII values?

No. AnomalyArmor reads metadata and schema, not row data. We record that a column named `ssn` existed and was removed, never the values inside it. That keeps the audit trail useful without creating a new compliance surface to defend.

## Related Resources

<CardGroup cols={2}>
  <Card title="Data Classification" icon="tag" href="/data-classification/overview">
    Tagging and classification features
  </Card>

  <Card title="Security Overview" icon="shield" href="/security/overview">
    Security and compliance documentation
  </Card>
</CardGroup>
