Step 01
Pack scope picked
Pick a filing (GSTR-3B for a period, AOC-4 for an FY, TDS 24Q for a quarter). The pack scope auto-resolves to the underlying records.
Document Management | Audit Evidence Packs
Per-filing evidence packs assemble themselves. Hash-verified at export.
GSTR-3B for May? The pack carries the return, the GSTR-2B match, the underlying invoices, the GSTN acknowledgement and the supporting workpapers. AOC-4 audit pack? Schedule III financials, supporting JEs, source bills and the CA sign-off. One click; hash-verified at export.
How it works
From filing to defensible audit pack.
Step 02
Components assembled
Return, supporting reconciliation, source documents, acknowledgement and workpapers all assemble. Cross-references preserved (every line of the return points to its supporting source).
Step 03
Hash-chain integrity
Every file in the pack hashes; the hashes chain together. The chain root signs the pack. Any tampering with any file post-export breaks the chain and is detectable.
Step 04
Auditor or officer verifies independently
The pack carries a verification key. Auditors and tax officers run a verification (one command) and confirm the chain root is intact. The pack is defensible against any post-export tampering claim.
What the system does
Capability, input, output.
| Capability | Input | Output |
|---|---|---|
| Pack scope resolution | Filing or period selection | List of underlying records |
| Component assembly | Return, recon, source, ack, workpapers | Structured pack archive |
| Hash chain | Each file content + chain prior | Per-file hash + signed root |
| Independent verification | Pack archive + verification key | Chain integrity confirmation |
| Re-assembly | Repeated pack request for same period | Identical pack with same root |
-
Pack scope resolution
- Input
- Filing or period selection
- Output
- List of underlying records
-
Component assembly
- Input
- Return, recon, source, ack, workpapers
- Output
- Structured pack archive
-
Hash chain
- Input
- Each file content + chain prior
- Output
- Per-file hash + signed root
-
Independent verification
- Input
- Pack archive + verification key
- Output
- Chain integrity confirmation
-
Re-assembly
- Input
- Repeated pack request for same period
- Output
- Identical pack with same root
Compliance + integrations
Audit packs the auditor and the regulator both accept.
Big 4 firms accept the pack format directly across their Indian engagements. The hash-verified chain meets evidence-integrity expectations under SA 230 and CARO 2020.
Regulations we work within
-
SA 230 (Audit Documentation)
Documentation requirements supported by pack format.
-
CARO 2020
Auditor reporting on records integrity supported.
-
Rule 11(g), Companies Act
Hash-chained audit trail across the pack.
-
Section 128, Companies Act
8-year retention for assembled packs.
Connects to
- Big 4 audit-pack format Accepted format across firms
- Auditor read-only access Direct platform access
Audit Evidence Packs FAQ
What buyers ask.
How is the hash chain verified independently?
The pack carries a verification key and a small command-line tool. The auditor runs the verification against the archive; the tool confirms each file hash against the chain and the chain root against the signature. Any mismatch flags. The verification is cryptographic, not based on metadata.
For a tax notice from FY 2018-19, can we still pull the pack?
Yes. The pack archive retains for 8 years per Section 128. Re-assembly for an FY 2018-19 GSTR-3B works the same way as the current period. The hash chain stays intact across the retention period.
What if the auditor wants to add their own working papers to the pack?
Auditor working papers can be uploaded against the pack with auditor sign-off. They become part of the audited pack with their own hash and audit trail. The pack signed by both the auditor and the system carries dual integrity.
More in Document Management
Related features
Statutory Documents Vault
PF, ESI, Professional Tax, LWF challans, returns and acknowledgements per month and per state.
See Statutory Documents VaultDocument Versioning
Replace a document; the old version stays. Audit trail of every upload, edit and delete.
See Document VersioningSecure Document Sharing
Time-boxed links for auditors and lenders. Role-based access, watermarks, view-only or download.
See Secure Document Sharing
Run an audit pack on last quarter's GSTR-3B.
Connect one entity. Pick GSTR-3B for last quarter. The pack assembles in seconds with the return, the 2B match, the underlying invoices and the GSTN acknowledgement. Verify the hash chain on screen.