get_evidence_requirements
Identify required compliance evidence and audit artifacts for EU regulations like GDPR, DORA, and AI Act. Shows documents, logs, and test results auditors request with retention periods and maturity levels.
Instructions
Get compliance evidence and audit artifacts required for specific regulation requirements. Shows what documents, logs, and test results auditors will ask for, including retention periods and maturity levels.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| regulation | No | Optional: filter to specific regulation (e.g., "DORA", "GDPR") | |
| article | No | Optional: filter to specific article (e.g., "6", "32") | |
| evidence_type | No | Optional: filter by evidence type | |
| limit | No | Maximum results to return (default: 50) |
Implementation Reference
- src/tools/evidence.ts:28-90 (handler)The handler implementation for get_evidence_requirements, which queries the database and transforms the result rows into the required output format.
export async function getEvidenceRequirements( db: DatabaseAdapter, input: EvidenceInput ): Promise<EvidenceRequirement[]> { const { regulation, article, evidence_type } = input; let limit = input.limit ?? 50; if (!Number.isFinite(limit) || limit < 0) limit = 50; limit = Math.min(Math.floor(limit), 500); let sql = ` SELECT regulation, article, requirement_summary, evidence_type, artifact_name, artifact_example, description, retention_period, auditor_questions, maturity_levels, cross_references FROM evidence_requirements WHERE 1=1 `; const params: string[] = []; if (regulation) { sql += ` AND regulation = $${params.length + 1}`; params.push(regulation); } if (article) { sql += ` AND article = $${params.length + 1}`; params.push(article); } if (evidence_type) { sql += ` AND evidence_type = $${params.length + 1}`; params.push(evidence_type); } sql += ` ORDER BY regulation, article::INTEGER, evidence_type`; sql += ` LIMIT $${params.length + 1}`; params.push(String(limit)); const result = await db.query(sql, params); return result.rows.map((row: any) => ({ regulation: row.regulation, article: row.article, requirement_summary: row.requirement_summary, evidence_type: row.evidence_type, artifact_name: row.artifact_name, artifact_example: row.artifact_example, description: row.description, retention_period: row.retention_period, auditor_questions: row.auditor_questions ? JSON.parse(row.auditor_questions) : [], maturity_levels: row.maturity_levels ? JSON.parse(row.maturity_levels) : null, cross_references: row.cross_references ? JSON.parse(row.cross_references) : [], })); } - src/tools/evidence.ts:3-8 (schema)The input interface defining the shape of arguments for the tool.
export interface EvidenceInput { regulation?: string; article?: string; evidence_type?: 'document' | 'log' | 'test_result' | 'certification' | 'policy' | 'procedure'; limit?: number; } - src/tools/registry.ts:290-319 (registration)The MCP tool registration, including the input JSON schema and the handler bridge.
{ name: 'get_evidence_requirements', description: 'Get compliance evidence and audit artifacts required for specific regulation requirements. Shows what documents, logs, and test results auditors will ask for, including retention periods and maturity levels.', inputSchema: { type: 'object', properties: { regulation: { type: 'string', description: 'Optional: filter to specific regulation (e.g., "DORA", "GDPR")', }, article: { type: 'string', description: 'Optional: filter to specific article (e.g., "6", "32")', }, evidence_type: { type: 'string', enum: ['document', 'log', 'test_result', 'certification', 'policy', 'procedure'], description: 'Optional: filter by evidence type', }, limit: { type: 'number', description: 'Maximum results to return (default: 50)', }, }, }, handler: async (db, args) => { const input = args as unknown as EvidenceInput; return await getEvidenceRequirements(db, input); }, },