Q049 — Why is retention policy part of the RAIDT run record?
← RAIDT · Star S4 - Evidence Architecture and Artefacts · primary item: S4.17 · Retention and access control
Evidence that cannot be retained, located, or lawfully disposed of cannot support later review.
Appears in sources
qa_deck_100#slide 51 · Outputs, review decisions, and retention
Answer
In RAIDT, retention policy belongs in the run record because the record is not a peripheral log; it is the core governance object from which the run-level evidence pack is assembled. The papers argue that RAIDT treats the run as the unit of governance, so governance must preserve what happened in one configured use, not merely what the organisation said it intended to do in general documentation. For that reason, the run record must contain retention metadata and access control alongside identifiers, hashes, prompts, outputs and review decisions. Those fields make the record usable across audit, incident management, compliance review and later contestation.
Retention policy matters because RAIDT is designed for post hoc reconstruction as well as immediate oversight. A disputed output may need to be reviewed months later, especially in high-stakes settings such as employment, health or access to services. If the organisation cannot show how long evidence will be kept, who may inspect it, and whether full content or only immutable identifiers are preserved, the evidence object becomes unreliable as a governance instrument. Equally, retaining everything without limits would conflict with the papers' emphasis on privacy-preserving, proportionate evidence capture.
Including retention policy in the run record therefore balances reconstructability with restraint. It supports the five pillars (Responsibility, Auditability, Interpretability, Dependability, Traceability) by ensuring that evidence remains available long enough for review, while limiting exposure of sensitive material through tiered access and, where appropriate, hashes or secure pointers rather than unrestricted content storage. In practical RAIDT terms, retention policy helps determine whether a score profile rests on inspectable evidence or on narrative assurance; this is central to the anchors 1=missing / 3=partial / 5=audit-ready.
Practical example
In an HR workflow, a manager uses a GenAI assistant to draft a performance appraisal. The run record captures the prompt template version, model deployment, any retrieved HR policy text, the generated draft, reviewer actions, and a retention policy stating that the full text is held for twelve months in a secure evidence repository, while hashes and metadata remain longer for audit purposes. Access is limited to HR case reviewers, internal audit and authorised compliance staff.
That retention rule is part of the run record because the organisation may later face an employee grievance. If the draft appraisal is challenged, reviewers can reconstruct the run-level evidence pack and test whether policy text, oversight, and wording were handled properly. If no retention rule had been recorded, the evidence might have been deleted too soon or exposed too broadly, weakening both contestability and privacy safeguards.
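A minimal sketch of how the retention rule in the HR example could be evaluated from the run record itself; it is an added illustration, not code or a schema from the RAIDT papers. The field names, role labels, six-year metadata window and sample draft are assumptions, while the twelve-month full-text window and the three reviewer groups come from the example above.

```python
import hashlib
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass(frozen=True)
class RetentionPolicy:            # hypothetical field names
    full_text_days: int           # window in which full content is held
    metadata_days: int            # longer window for hashes and metadata
    allowed_roles: frozenset      # roles permitted to inspect the record

@dataclass
class RunRecord:
    run_id: str
    created: date
    output_sha256: str            # immutable identifier of the generated draft
    policy: RetentionPolicy
    full_text: Optional[str] = None   # None once the content is disposed of

def evidence_available(rec: RunRecord, role: str, on: date) -> str:
    """Return 'denied', 'expired', 'hash_only' or 'full' for a review request."""
    if role not in rec.policy.allowed_roles:
        return "denied"
    age = (on - rec.created).days
    if age > rec.policy.metadata_days:
        return "expired"
    if age > rec.policy.full_text_days or rec.full_text is None:
        return "hash_only"
    return "full"

def dispose_if_due(rec: RunRecord, on: date) -> RunRecord:
    """Drop full content once its window has passed; keep hash and metadata."""
    if (on - rec.created).days > rec.policy.full_text_days:
        rec.full_text = None
    return rec

def verify_content(rec: RunRecord, candidate: str) -> bool:
    """Check text produced in a later dispute against the recorded hash."""
    return hashlib.sha256(candidate.encode()).hexdigest() == rec.output_sha256

# Constructed sample data: twelve months of full text, six years of metadata (assumed).
DRAFT = "Constructed sample appraisal draft."
POLICY = RetentionPolicy(365, 365 * 6,
                         frozenset({"hr_case_reviewer", "internal_audit", "compliance"}))

def make_record() -> RunRecord:
    return RunRecord("run-0001", date(2024, 1, 15),
                     hashlib.sha256(DRAFT.encode()).hexdigest(), POLICY, DRAFT)
```

After disposal the record still lets a reviewer confirm that a copy of the draft supplied by either party is the one the run produced, which is the "immutable identifiers" case described in the answer.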
Sources in RAIDT papers
08-RAIDT_Foundations_M_V5013-RAIDT-Evidence-Review_M_v10