Finance North Star Vision Audit
Finance Decision Operating System Audit
This is the master credibility audit for functional and technology workshops. It tests whether the platform behaves like a finance decision operating system rather than a collection of agent pages.
Ultimate test: any executive signal must drill through Signal -> Agent -> Policy -> Evidence -> Decision -> Action -> Outcome -> Replay. If a step is missing, the North Star vision is not fully credible.
Audit Domains
10
Agent, policy, context, evidence, replay, close, decision intelligence, autonomy, learning, and CFO command.
Mission Coverage
8
P2P, O2C, R2R, FP&A, Treasury, Tax, Controls, and CFO.
Credibility Chain
8 steps
Signal to replay with named proof surface for every step.
North Star Audit Domains
| Domain | Leadership question | Required proof | Proof route | Status |
|---|---|---|---|---|
| Agent Audit | Can leadership immediately see what agents exist, who owns them, what they can do, and what they cannot do? | Agent identity, owner, purpose, version, scope, runtime status, SOR access, allowed actions, denied actions, and collaboration trace. | /ui/bp-agent-inventory | Ready |
| Policy Audit | Can every recommendation explain which financial, compliance, or AI policy was applied? | Policy name, version, owner, reason triggered, decision outcome, violation, escalation, override, and audit trail. | /ui/policy-library | Ready |
| Context Audit | Can the system show business meaning and object relationships behind a signal? | Vendor, customer, contract, invoice, journal, cost center, asset, project, shipment, trading position, and relationship graph. | /ui/context-graph | Ready |
| Evidence Audit | Can a reviewer answer where the number came from and which records support the decision? | Source systems, source records, documents, policies, model inputs, evidence pack, lineage, confidence, and outcome. | /ui/evidence | Ready |
| Replay Audit | Can the original signal, context, policy, recommendation, action, and outcome be reconstructed? | Replay timeline, deterministic chain, original inputs, original outputs, evidence hash, policy result, and human decision. | /ui/replay-center | Ready |
| Continuous Close Audit | Can close readiness change continuously as journals, reconciliations, controls, and exceptions change? | Readiness score, open exceptions, missing journals, missing reconciliations, predicted close date, confidence, and drivers. | /ui/continuous-close-intelligence | Ready |
| Decision Intelligence Audit | Can any signal become an evidence-backed recommendation with reason, impact, confidence, and alternatives? | Signal, category, priority, recommendation reason, impact, confidence, evidence, and scenario simulation. | /ui/live-signals | Ready |
| Autonomy Audit | Can the system show what is autonomous, what is human-approved, and where agents must stop? | Autonomy boundaries, escalation path, human approval, override reason, action authorization, and blocked action trace. | /ui/bp-agent-governance-replay-control-tower | Ready |
| Learning Audit | Can outcomes and overrides become governed learning without uncontrolled model drift? | Decision memory, outcome, override, learning candidate, before/after signal, promotion gate, rollback, and lineage. | /ui/replay-learning-evolution | Ready |
| CFO Command Center Audit | Can the executive surface answer what changed, why, impact, recommendation, automation, and value created? | Signal feed, context, financial impact, recommendations, autonomy opportunities, value attribution, and drill-through path. | /ui/cfo-command-center | Ready |
Finance Mission Audit
| Mission | Must verify | Mission route | Status |
|---|---|---|---|
| P2P | Duplicate detection, invoice matching, supplier risk, spend leakage, working-capital impact. | /ui/mission/p2p | Route check |
| O2C | Credit risk, collections, disputes, exposure limits, expected loss, and cash impact. | /ui/mission/o2c | Route check |
| R2R | Journal anomalies, intercompany issues, reconciliation issues, close readiness, and controls. | /ui/mission/r2r | Route check |
| FP&A | Forecast generation, variance explanation, scenario simulation, assumptions, and executive narrative. | /ui/mission/fpa | Route check |
| Treasury | Cash forecasting, liquidity risk, exposure monitoring, counterparty posture, and policy limits. | /ui/mission/treasury | Route check |
| Tax | Tax determination, VAT/GST, withholding, transfer pricing, Pillar Two, and evidence defense. | /ui/mission/tax-supervisor | Route check |
| Controls | SOX monitoring, policy breaches, segregation of duties, authority matrix, and preventive controls. | /ui/policy-library | Route check |
| CFO | Enterprise signals, impact, recommendations, autonomy, value attribution, and replayable decisions. | /ui/cfo-command-center | Route check |
Executive Drill-Through Chain
| Step | What must be visible | Proof route |
|---|---|---|
| Signal | What changed, source, timestamp, severity, correlation id. | /ui/live-signals |
| Agent | Agent identity, owner, version, purpose, scope, skills, and runtime status. | /ui/bp-agent-inventory |
| Policy | Policy name, version, owner, trigger reason, violation, escalation, and override. | /ui/policy-library |
| Evidence | Source records, documents, policies, models, confidence, and lineage. | /ui/evidence |
| Decision | Recommendation, reason, impact, confidence, alternatives, and owner. | /ui/active-decisions |
| Action | Allowed action, denied action, human approval, execution boundary, and payload. | /ui/bp-agent-governance-replay-control-tower |
| Outcome | Business impact, value attribution, exception closure, and human outcome. | /ui/bp-agent-governance-replay-control-tower |
| Replay | Original inputs, context, evidence, policy, agent outputs, action, outcome, and learning. | /ui/replay-center |
Autonomy Boundary Audit
| Action | Autonomy posture | Control reason |
|---|---|---|
| Invoice match | Autonomous within policy | Evidence complete and match confidence above threshold. |
| Draft journal | Agent drafted / human approved | Posting remains outside autonomous boundary. |
| Journal post | Not autonomous | Controller approval and ERP posting controls required. |
| Treasury transfer | Not autonomous | Treasury authority, sanctions, liquidity, and human approval required. |
| Vendor master change | Not autonomous | Master-data governance and segregation controls required. |
| Credit exposure block | Human-approved action | Credit policy and exposure threshold drive escalation. |
Injection Scenarios To Demonstrate Live
| Scenario | Expected behavior | Proof route |
|---|---|---|
| Credit exceeds limit | Agent blocks recommendation, notifies supervisor, records policy and evidence. | /ui/mission/o2c |
| Late journal posted | Close readiness recalculates, controller notified, replay generated. | /ui/continuous-close-intelligence |
| Duplicate invoice received | Signal, evidence pack, duplicate policy, payment hold recommendation. | /ui/mission/p2p |
| Forecast shock | Drivers, scenario comparison, recommendation, and executive narrative. | /ui/mission/fpa |
| Liquidity stress | Cash forecast, exposure, policy boundary, and treasury action recommendation. | /ui/mission/treasury |