Compliance Export

Field	Value
Document ID	ASCEND-GOV-004
Version	1.0.0
Last Updated	December 19, 2025
Author	Ascend Engineering Team
Publisher	OW-KAI Technologies Inc.
Classification	Enterprise Client Documentation
Compliance	SOC 2 CC6.1/CC6.2, PCI-DSS 7.1/8.3, HIPAA 164.312, NIST 800-53 AC-2/SI-4

Reading Time: 10 minutes | Skill Level: Advanced

Overview

ASCEND provides enterprise-grade compliance export capabilities supporting SOX, PCI-DSS, HIPAA, GDPR, SOC 2, NIST, and ISO frameworks. Generate audit-ready reports with cryptographic verification and scheduled delivery.

Supported Frameworks

Framework	Description	Default Retention
`SOX`	Sarbanes-Oxley Act	7 years
`PCI_DSS`	Payment Card Industry	1 year
`HIPAA`	Health Insurance Portability	6 years
`GDPR`	General Data Protection	6 years
`SOC2`	Service Organization Control	7 years
`NIST`	NIST Cybersecurity Framework	3 years
`ISO27001`	ISO Information Security	3 years

Export Formats

Format	Content Type	Use Case
`JSON`	application/json	API integration
`CSV`	text/csv	Spreadsheet analysis
`XML`	application/xml	Legacy systems
`PDF`	application/pdf	Official reports
`XLSX`	Excel spreadsheet	Business users

Get Framework Information

List All Frameworks

curl "https://pilot.owkai.app/api/compliance-export/frameworks" \
  -H "Authorization: Bearer owkai_..."

Response:

{
  "frameworks": [
    {
      "value": "sox",
      "name": "SOX",
      "display_name": "Sarbanes-Oxley Act"
    },
    {
      "value": "pci_dss",
      "name": "PCI_DSS",
      "display_name": "PCI Data Security Standard"
    },
    {
      "value": "hipaa",
      "name": "HIPAA",
      "display_name": "Health Insurance Portability"
    }
  ],
  "export_formats": ["json", "csv", "xml", "pdf", "xlsx"],
  "report_types": ["audit_trail", "access_log", "policy_changes", "risk_assessment", "incident_report"]
}

Get Framework Details

curl "https://pilot.owkai.app/api/compliance-export/frameworks/sox" \
  -H "Authorization: Bearer owkai_..."

Response:

{
  "framework": "sox",
  "display_name": "Sarbanes Oxley",
  "supported_reports": ["audit_trail", "policy_changes", "access_log"],
  "default_retention_days": 2555,
  "required_fields": ["actor_id", "timestamp", "action", "outcome"],
  "data_classification": "confidential"
}

Creating Exports

Create Export Job

curl -X POST "https://pilot.owkai.app/api/compliance-export/exports" \
  -H "Authorization: Bearer owkai_..." \
  -H "Content-Type: application/json" \
  -d '{
    "framework": "sox",
    "report_type": "audit_trail",
    "export_format": "pdf",
    "start_date": "2025-10-01T00:00:00Z",
    "end_date": "2025-12-31T23:59:59Z",
    "include_pii": false,
    "filters": {
      "risk_level": ["high", "critical"],
      "event_type": ["USER_ACTION", "POLICY_VIOLATION"]
    }
  }'

Response:

{
  "id": 123,
  "framework": "sox",
  "report_type": "audit_trail",
  "export_format": "pdf",
  "start_date": "2025-10-01T00:00:00Z",
  "end_date": "2025-12-31T23:59:59Z",
  "status": "pending",
  "progress_percent": 0,
  "created_at": "2025-12-15T10:30:00Z"
}

Quick Export

curl -X POST "https://pilot.owkai.app/api/compliance-export/quick-export/sox/audit_trail?\
days=30&export_format=json" \
  -H "Authorization: Bearer owkai_..."

Response:

{
  "job_id": 124,
  "status": "pending",
  "framework": "sox",
  "report_type": "audit_trail",
  "period_days": 30,
  "status_url": "/api/compliance-export/exports/124"
}

Export Job Management

Check Export Status

curl "https://pilot.owkai.app/api/compliance-export/exports/123" \
  -H "Authorization: Bearer owkai_..."

Response:

{
  "id": 123,
  "framework": "sox",
  "report_type": "audit_trail",
  "export_format": "pdf",
  "status": "completed",
  "progress_percent": 100,
  "file_size_bytes": 2458624,
  "record_count": 15420,
  "data_classification": "confidential",
  "created_at": "2025-12-15T10:30:00Z",
  "completed_at": "2025-12-15T10:32:00Z",
  "expires_at": "2025-12-22T10:32:00Z",
  "download_url": "/api/compliance-export/exports/123/download"
}

List All Exports

curl "https://pilot.owkai.app/api/compliance-export/exports?\
framework=sox&status=completed&limit=50" \
  -H "Authorization: Bearer owkai_..."

Response:

[
  {
    "id": 123,
    "framework": "sox",
    "report_type": "audit_trail",
    "status": "completed",
    "record_count": 15420,
    "created_at": "2025-12-15T10:30:00Z",
    "download_url": "/api/compliance-export/exports/123/download"
  },
  {
    "id": 121,
    "framework": "sox",
    "report_type": "policy_changes",
    "status": "completed",
    "record_count": 342,
    "created_at": "2025-12-14T10:30:00Z",
    "download_url": "/api/compliance-export/exports/121/download"
  }
]

Downloading Exports

Download File

curl "https://pilot.owkai.app/api/compliance-export/exports/123/download" \
  -H "Authorization: Bearer owkai_..." \
  -o sox_audit_trail_123.pdf

Response headers include:

Content-Disposition: attachment; filename="sox_audit_trail_123.pdf"
X-Export-Hash: a1b2c3d4e5f6g7h8i9j0...
X-Record-Count: 15420

Verify Export Integrity

curl -X POST "https://pilot.owkai.app/api/compliance-export/exports/123/verify?\
hash_value=a1b2c3d4e5f6g7h8i9j0..." \
  -H "Authorization: Bearer owkai_..."

Response:

{
  "job_id": 123,
  "provided_hash": "a1b2c3d4e5f6g7h8i9j0...",
  "is_valid": true,
  "verified_at": "2025-12-15T10:40:00Z"
}

Download Audit Trail

curl "https://pilot.owkai.app/api/compliance-export/exports/123/downloads" \
  -H "Authorization: Bearer owkai_..."

Response:

[
  {
    "id": 1,
    "export_job_id": 123,
    "downloaded_by": "auditor@company.com",
    "downloaded_at": "2025-12-15T10:35:00Z",
    "ip_address": "192.168.1.100",
    "verified_hash": true
  }
]

Scheduled Reports

Create Schedule

curl -X POST "https://pilot.owkai.app/api/compliance-export/schedules" \
  -H "Authorization: Bearer owkai_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Weekly SOX Audit Trail",
    "description": "Automated weekly SOX compliance report",
    "framework": "sox",
    "report_type": "audit_trail",
    "export_format": "pdf",
    "cron_expression": "0 6 * * 1",
    "timezone": "America/New_York",
    "email_recipients": ["compliance@company.com", "auditor@company.com"],
    "webhook_url": "https://hooks.company.com/compliance",
    "retention_days": 90
  }'

Response:

{
  "id": 10,
  "name": "Weekly SOX Audit Trail",
  "framework": "sox",
  "report_type": "audit_trail",
  "cron_expression": "0 6 * * 1",
  "timezone": "America/New_York",
  "is_active": true,
  "next_run_at": "2025-12-16T06:00:00-05:00",
  "created_at": "2025-12-15T10:45:00Z"
}

Common Cron Expressions

Schedule	Cron Expression	Description
Daily at 6 AM	`0 6 * * *`	Every day
Weekly Monday	`0 6 * * 1`	Every Monday at 6 AM
Monthly 1st	`0 6 1 * *`	First day of month
Quarterly	`0 6 1 1,4,7,10 *`	First day of quarter

List Schedules

curl "https://pilot.owkai.app/api/compliance-export/schedules?active_only=true" \
  -H "Authorization: Bearer owkai_..."

Update Schedule

curl -X PUT "https://pilot.owkai.app/api/compliance-export/schedules/10" \
  -H "Authorization: Bearer owkai_..." \
  -H "Content-Type: application/json" \
  -d '{
    "is_active": false
  }'

Delete Schedule

curl -X DELETE "https://pilot.owkai.app/api/compliance-export/schedules/10" \
  -H "Authorization: Bearer owkai_..."

Export Metrics

curl "https://pilot.owkai.app/api/compliance-export/metrics" \
  -H "Authorization: Bearer owkai_..."

Response:

{
  "total_exports": 156,
  "by_framework": {
    "sox": 45,
    "pci_dss": 38,
    "hipaa": 32,
    "gdpr": 25,
    "soc2": 16
  },
  "by_status": {
    "completed": 148,
    "pending": 3,
    "processing": 2,
    "failed": 3
  },
  "total_records_exported": 2456000,
  "total_export_size_bytes": 158462000,
  "supported_frameworks": ["sox", "pci_dss", "hipaa", "gdpr", "soc2", "nist", "iso27001"],
  "supported_formats": ["json", "csv", "xml", "pdf", "xlsx"]
}

Report Types

Audit Trail

Complete audit log for specified time period:

{
  "report_type": "audit_trail",
  "includes": [
    "All logged events",
    "User actions",
    "System events",
    "Policy violations"
  ]
}

Access Log

User access and authentication events:

{
  "report_type": "access_log",
  "includes": [
    "Login attempts",
    "Session management",
    "Permission changes",
    "API access"
  ]
}

Policy Changes

Configuration and policy modifications:

{
  "report_type": "policy_changes",
  "includes": [
    "Policy updates",
    "Rule changes",
    "Threshold modifications",
    "Agent configuration"
  ]
}

Risk Assessment

Risk scoring and analysis:

{
  "report_type": "risk_assessment",
  "includes": [
    "Risk score distribution",
    "High-risk actions",
    "Trend analysis",
    "Mitigation actions"
  ]
}

Incident Report

Security incidents and responses:

{
  "report_type": "incident_report",
  "includes": [
    "Security incidents",
    "Kill-switch activations",
    "Policy violations",
    "Response actions"
  ]
}

Role Requirements

Role	Create Export	Download	View History	Schedule
`admin`	Yes	Yes	Yes	Yes
`compliance_officer`	Yes	Yes	Yes	Yes
`auditor`	Yes	Yes	Yes	No
`viewer`	No	No	Yes	No

SDK Integration

from ascend import AscendClient

client = AscendClient(api_key="owkai_...")

# Create compliance export
job = client.compliance.create_export(
    framework="sox",
    report_type="audit_trail",
    export_format="pdf",
    start_date="2025-10-01T00:00:00Z",
    end_date="2025-12-31T23:59:59Z"
)

print(f"Export job created: {job.id}")

# Wait for completion
job = client.compliance.wait_for_export(job.id)

if job.status == "completed":
    # Download file
    client.compliance.download_export(
        job_id=job.id,
        output_path="./sox_audit_q4_2025.pdf"
    )
    print(f"Downloaded {job.file_size_bytes} bytes")

Best Practices

1. Schedule Regular Reports

# Weekly audit trail
client.compliance.create_schedule(
    name="Weekly Audit",
    framework="sox",
    cron="0 6 * * 1"
)

2. Verify Downloaded Files

# Always verify hash after download
is_valid = client.compliance.verify_export(
    job_id=job.id,
    hash_value=calculated_hash
)

3. Use Appropriate Retention

# Match retention to compliance requirements
{
    "retention_days": 2555  # 7 years for SOX
}

4. Exclude PII When Possible

# Minimize sensitive data exposure
{
    "include_pii": false
}

Next Steps

Audit Logging — Immutable audit system
Analytics — Compliance analytics
Risk Assessment — Risk scoring

Document Version: 1.0.0 | Last Updated: December 2025

Overview​

Supported Frameworks​

Export Formats​

Get Framework Information​

List All Frameworks​

Get Framework Details​

Creating Exports​

Create Export Job​

Quick Export​

Export Job Management​

Check Export Status​

List All Exports​

Downloading Exports​

Download File​

Verify Export Integrity​

Download Audit Trail​

Scheduled Reports​

Create Schedule​

Common Cron Expressions​

List Schedules​

Update Schedule​

Delete Schedule​

Export Metrics​

Report Types​

Audit Trail​

Access Log​

Policy Changes​

Risk Assessment​

Incident Report​

Role Requirements​

SDK Integration​

Best Practices​

1. Schedule Regular Reports​

2. Verify Downloaded Files​

3. Use Appropriate Retention​

4. Exclude PII When Possible​

Next Steps​

Overview

Supported Frameworks

Export Formats

Get Framework Information

List All Frameworks

Get Framework Details

Creating Exports

Create Export Job

Quick Export

Export Job Management

Check Export Status

List All Exports

Downloading Exports

Download File

Verify Export Integrity

Download Audit Trail

Scheduled Reports

Create Schedule

Common Cron Expressions

List Schedules

Update Schedule

Delete Schedule

Export Metrics

Report Types

Audit Trail

Access Log

Policy Changes

Risk Assessment

Incident Report

Role Requirements

SDK Integration

Best Practices

1. Schedule Regular Reports

2. Verify Downloaded Files

3. Use Appropriate Retention

4. Exclude PII When Possible

Next Steps