Audit trail for AI spend: from request IDs to budget decisions
Finance and security stakeholders need evidence. A clean audit trail links each threshold event to a deterministic decision record.
Full guide: CFO-ready AI spend reporting: exports, audits, and retention
Required evidence chain
- externalRequestId and timestamped ingest rows
- policy trigger events and alert payloads
- owner actions and post-incident updates
- export snapshots used in finance reporting
Decision record template (what to log every time)
- Date/time window + budget state (warning/exceeded)
- Primary driver (endpointTag, tenant/user, promptVersion)
- Containment action taken (cap, throttle, routing, rollback)
- Approval decision (accept overrun, block, degrade) + owner
- Follow-up: the one permanent control added after the incident
Audit-friendly controls
- Consistent retention policy documentation.
- Reconciliation delta reports with provider usage.
- Role-based access for billing and governance actions.
Immutability: pricing, exports, and historical numbers
Audits fail when historical numbers can change without an explanation. Keep pricing snapshots versioned by effective date and keep exports reproducible.
If you update pricing tables, document the change and keep prior effective periods intact so month-over-month comparisons remain valid.
- Version pricing by effective date (do not overwrite history).
- Record unknown-model resolutions as explicit changes (owner + date).
- Keep export schemas stable and include metadata (filters, retention truncation).
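The sketch below is an added example, not Opsmeter code. It shows pricing versioned by effective date, with each request costed at the price in effect on its own date, and an export that carries its filter metadata and can be regenerated byte for byte. The `timestamp` field, the prices, the owner name, and the SHA-256 digest over the export are assumptions made for illustration.

```python
import bisect, hashlib, json
from datetime import date
from decimal import Decimal

class PricingHistory:
    """Append-only prices (USD per 1K tokens), versioned by effective date."""
    def __init__(self):
        self._versions = {}  # model -> [(effective, in_price, out_price, owner, note)]

    def add(self, model, effective, in_per_1k, out_per_1k, owner, note):
        versions = self._versions.setdefault(model, [])
        if versions and effective <= versions[-1][0]:
            # A correction is a new version; earlier effective periods stay intact.
            raise ValueError("effective date must follow the latest version")
        versions.append((effective, Decimal(in_per_1k), Decimal(out_per_1k), owner, note))

    def price_on(self, model, day):
        versions = self._versions.get(model, [])
        idx = bisect.bisect_right([v[0] for v in versions], day) - 1
        if idx < 0:
            raise LookupError(f"no price for {model} effective on {day}")
        return versions[idx]

def cost_usd(pricing, row):
    """Cost of one ingest row at the price in effect on the row's date."""
    day = date.fromisoformat(row["timestamp"][:10])
    effective, p_in, p_out, _, _ = pricing.price_on(row["model"], day)
    cost = (row["inputTokens"] * p_in + row["outputTokens"] * p_out) / 1000
    return str(cost.quantize(Decimal("0.000001"))), effective.isoformat()

def build_export(pricing, rows, filters):
    """Deterministic export: sorted rows, filter metadata, digest over canonical JSON."""
    out = []
    for row in sorted(rows, key=lambda r: r["externalRequestId"]):
        cost, effective = cost_usd(pricing, row)
        out.append({"externalRequestId": row["externalRequestId"],
                    "costUsd": cost, "pricingEffective": effective})
    body = {"filters": filters, "rows": out}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return {**body, "sha256": hashlib.sha256(canonical.encode()).hexdigest()}

# Constructed sample data: prices, owner, and request rows are illustrative.
PRICING = PricingHistory()
PRICING.add("model_id", date(2024, 1, 1), "0.50", "1.50", "owner_a", "initial price")
PRICING.add("model_id", date(2024, 3, 1), "0.40", "1.20", "owner_a", "provider price change")
ROWS = [{"externalRequestId": rid, "timestamp": ts, "model": "model_id",
         "inputTokens": 240, "outputTokens": 80}
        for rid, ts in [("req_b", "2024-03-02T09:00:00Z"), ("req_a", "2024-02-15T10:00:00Z")]]
EXPORT = build_export(PRICING, ROWS, {"environment": "prod", "dataMode": "real"})
```

The February request keeps its January price after the March change is recorded, and rebuilding the export from the same rows and filters yields the same digest regardless of input order.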
What an auditor will ask (and what to prepare)
- Why spend changed (deploy, volume, abuse) with supporting evidence.
- Who approved threshold policies and override decisions.
- Whether historical cost numbers are immutable and versioned.
- How retention and deletion requests are handled.
- How you reconcile provider totals with internal reporting.
What to send (payload example)
{
  "externalRequestId": "req_01HZXB6MQZ2WQ9D2KCF9M4V2QY",
  "provider": "provider_id",
  "model": "model_id",
  "endpointTag": "billing.guardrail_check",
  "promptVersion": "budget_v1",
  "userId": "tenant_acme_hash",
  "inputTokens": 240,
  "outputTokens": 80,
  "latencyMs": 892,
  "status": "success",
  "dataMode": "real",
  "environment": "prod"
}
Common mistakes
- Relying on monthly provider totals without request-level ownership.
- Ignoring test/demo traffic when explaining cost variance.
- No audit trail from cost spikes to the underlying deploy/change.
- Measuring spend without unit economics (cost per call / ticket / tenant).
How to verify in Opsmeter Dashboard
- Use Overview to confirm the variance window and overall spend trend.
- Use Top Endpoints to attribute variance to feature ownership.
- Use Top Users to attribute variance to tenant/customer segments.
- Use Prompt Versions to correlate spend changes with deploy events.
Evaluation resources
For security and procurement reviews, use our trust summary before final tool selection.