• integrated_82#Q3.15

The Traceability pillar is one of the five pillars (Responsibility, Auditability, Interpretability, Dependability, Traceability). Within RAIDT, it concerns whether the provenance chain behind an output is inspectable at run level: what sources informed the output, which configurations and system components were active, what transformations or tool uses occurred, and which human review actions shaped the final record. Its purpose is not stylistic transparency but evidential reconstructability, so that a reviewer can verify how a run unfolded and whether the output rested on appropriate sources and approved controls.

The evidence that supports this pillar is distributed across the run-level evidence pack rather than concentrated in a single note. The evidence-review paper identifies configuration provenance, input and source provenance, output integrity and retention, and oversight trace as core design requirements. In RAIDT terms, this includes run identifiers; prompt template IDs and versions; model/provider/version or deployment IDs; decoding and retrieval settings; retrieved passage IDs and hashes; tool outputs; source document pointers; output hashes or immutable storage references; and reviewer roles, approvals, edits, and escalation records. The scoring appendix makes clear that these fields are assessed through anchors 1=missing / 3=partial / 5=audit-ready, with the score profile justified by evidence pointers rather than narrative assurance. A cited source is therefore insufficient on its own: if retrieval was used but the snapshot, identifiers, or hashes were not stored, traceability cannot score highly because the run cannot be reconstructed independently.

A public-service team uses a GenAI assistant to draft advice about a citizen's entitlement under a current policy rule. The Traceability pillar is well supported only if the run-level evidence pack stores the exact policy clause version used, the retrieval snapshot or passage identifiers, the prompt version, the model deployment ID, the generated answer, and the reviewer's sign-off before the advice is issued.

If the answer merely quotes a rule without preserving which policy text was retrieved at the time, the organisation may be unable to show whether the assistant relied on an outdated clause or an unapproved source. In RAIDT terms, that is partial rather than audit-ready traceability, because the provenance claim cannot be independently checked after the event.

• 08-RAIDT_Foundations_M_V50
• 13-RAIDT-Evidence-Review_M_v10
• 00-RAIDT_Scoring_v1