Audit Requirements

Logging requirements and compliance standards for MCP-I conformance levels

Audit Trail Requirements

MCP-I defines specific requirements for audit logs based on the conformance level:

Level 1: Basic Audit

Log all delegation issuance events
Record basic agent verification attempts
Store logs securely with access controls
Maintain logs for a minimum of 30 days

Level 2: Standard Audit

Cryptographically sign all audit records
Log all credential verification details
Include full request context in logs
Maintain logs for a minimum of 90 days
Implement log aggregation and search

Level 3: Enterprise Audit

Use immutable storage for audit records
Implement tamper-evident logging mechanisms
Add selective disclosure for privacy-sensitive logs
Maintain logs for customizable retention periods
Support advanced analytics and anomaly detection

On this page

Level 1: Basic Audit Level 2: Standard Audit Level 3: Enterprise Audit