Audit log

What it is#

An audit log is the immutable, append-only record of every meaningful action taken within a workspace. For a brief specifically, that includes:

• Creation (who, when)
• Edits (block-level diffs, by author)
• Comments (inline, by reviewer)
• Approvals (by reviewer, with IP + timestamp)
• Sends (to whom, when, via what channel)
• Status changes (draft → review → approved → sent → archived)

Audit logs differ from regular activity feeds in that they are:

• Immutable: entries can't be edited or deleted retroactively
• Attributed: every entry has a user identity (or system identity, for automated actions)
• Persistent: retained for the life of the workspace plus a defined retention period

Why agencies care#

For agencies serving regulated industries (legal, accounting, healthcare-adjacent consulting), audit logs are a requirement, not a feature. Compliance teams need to be able to answer "who approved what, when, and on what version of the document" as evidence in disputes, audits, or regulatory inquiries.

For agencies in less regulated verticals, audit logs still matter for two reasons:

1. Client trust: when a dispute arises ("you didn't tell us about X"), the audit log resolves it without an email-archaeology session
2. Internal accountability: the log shows which team members are doing the work, which matters for performance reviews + capacity planning

Retention specifics#

SendBriefs retains the audit log for 7 years from creation by default. User identifiers are anonymized after workspace deletion (the record persists; the personal data doesn't). Full retention schedule is in the Privacy Policy.