Document

Create evidence packages, audit trails, and compliance documentation

Hats: 2
Review: Ask
Unit Types: Evidence, Documentation, Audit Trail
Inputs: Remediate

Dependencies

Remediate: remediation-log

Hat Sequence

1. Documentation Writer

Focus: Create the narrative compliance documentation that ties evidence to controls and tells the compliance story end-to-end. Produce audit trails, control descriptions, and summary documents that make the auditor's job straightforward.

Produces: Compliance documentation package including control narratives, audit trail document, and summary report organized per framework requirements.

Reads: Evidence package from evidence collector, remediation log, and scope documents via the unit's ## References section.

Anti-patterns:

  • Writing documentation that cannot be traced back to specific evidence
  • Creating a narrative disconnected from the actual control implementations
  • Not organizing documentation to match the auditor's expected structure
  • Omitting cross-references between related controls and evidence
  • Producing documentation so dense that auditors cannot find what they need

2. Evidence Collector

Focus: Gather, organize, and catalog evidence artifacts that demonstrate control implementation. Ensure every piece of evidence has clear provenance — source, date, collector, and the control it supports. Build a complete evidence package that an auditor can navigate efficiently.

Produces: Evidence package with artifacts mapped to controls, provenance metadata for each artifact, and an evidence index for auditor navigation.

Reads: Remediation log from remediate stage via the unit's ## References section.

Anti-patterns:

  • Collecting evidence without recording when and where it was obtained
  • Storing evidence without mapping it to specific controls
  • Accepting screenshots without timestamps or context
  • Not verifying that evidence is current and reflects the actual state
  • Leaving gaps in evidence coverage without documenting why

Document

Criteria Guidance

Good criteria examples:

  • "Evidence package includes at least one artifact per control demonstrating implementation with timestamps and provenance"
  • "Audit trail links every control to its scope definition, assessment finding, remediation action, and verification evidence"
  • "Documentation follows the framework's required format and is organized for efficient auditor navigation"

Bad criteria examples:

  • "Evidence is collected"
  • "Documentation is complete"
  • "Audit trail exists"

Completion Signal

Evidence package exists with artifacts mapped to every in-scope control. Each piece of evidence has clear provenance (source, date, collector). Audit trail connects scope through assessment, remediation, and verification in a continuous chain. Documentation is organized for external auditor consumption with a clear index and cross-references.
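
One way to check an evidence index against the completion signal and the Evidence Collector anti-patterns above, as an added example that is not part of the original stage definition. The index layout, control IDs, file names, collector names and the 90-day currency window are assumptions made for illustration.

```python
from datetime import date

# Provenance fields the page requires for every artifact, plus the mapped control.
REQUIRED = ("source", "date", "collector", "control")

def check_evidence_index(in_scope, artifacts, documented_gaps, as_of, max_age_days=90):
    """Return (errors, gaps): errors block completion, gaps are documented holes."""
    errors, covered = [], set()
    for art in artifacts:
        name = art.get("artifact", "<unnamed>")
        missing = [f for f in REQUIRED if not art.get(f)]
        if missing:
            errors.append(f"{name}: missing provenance: {', '.join(missing)}")
            continue
        if art["control"] not in in_scope:
            errors.append(f"{name}: mapped to out-of-scope control {art['control']}")
            continue
        try:
            age = (as_of - date.fromisoformat(art["date"])).days
        except ValueError:
            errors.append(f"{name}: unparseable date {art['date']!r}")
            continue
        if not 0 <= age <= max_age_days:  # max_age_days is an assumed currency window
            errors.append(f"{name}: dated {art['date']}, not current as of {as_of}")
            continue
        covered.add(art["control"])
    gaps = []
    for control in sorted(set(in_scope) - covered):
        reason = documented_gaps.get(control, "").strip()
        if reason:
            gaps.append(f"{control}: {reason}")
        else:
            errors.append(f"{control}: no usable evidence and no documented reason")
    return errors, gaps

# Constructed sample index; control IDs, file names and collectors are hypothetical.
IN_SCOPE = ["CTRL-01", "CTRL-02", "CTRL-03", "CTRL-04"]
ARTIFACTS = [
    {"artifact": "iam-policy-export.json", "control": "CTRL-01",
     "source": "IAM console export", "date": "2024-05-20", "collector": "a.rivera"},
    {"artifact": "mfa-screenshot.png", "control": "CTRL-02",
     "source": "IdP admin page", "date": "", "collector": "a.rivera"},
    {"artifact": "backup-report.pdf", "control": "CTRL-03",
     "source": "backup scheduler", "date": "2023-11-02", "collector": "j.chen"},
]
DOCUMENTED_GAPS = {"CTRL-04": "control owner change in progress, evidence due next cycle"}
if __name__ == "__main__":
    errors, gaps = check_evidence_index(IN_SCOPE, ARTIFACTS, DOCUMENTED_GAPS, date(2024, 6, 1))
    print("\n".join(errors + gaps))
```

An artifact that fails any check does not count toward coverage, so a control backed only by an undated screenshot or stale report is reported as uncovered as well.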