{"wiki":{"id":114,"slug":"carol-audit","entity_type":"app","entity_id":"carol-audit","title":"Themis Monitor","prose_md":"## About\n\nThemis Monitor (also known simply as *Audit*) is Carol’s compliance watchtower. It exists to track security audits, regulatory findings, and remediation tasks — making sure nothing slips through the cracks. If a rule gets broken, a policy lapses, or a system needs a formal review, this app is where the evidence lands and gets assigned a fix-by date. **Think of it as the app that keeps Carol’s ecosystem honest.** Themis Monitor is owned by [[agt_028]] (Themis, the Head of Legal & Compliance) and lives at `carol.denken-labs.com/dev/audit/` — though it’s only visible to users with admin-level access, since it handles sensitive compliance data.\n\nThe app connects findings to actions: each audit result becomes a *finding record* with a severity rating, owner, and remediation deadline. [[agt_029]] (Radagast, the admin) and [[agt_028]] use it to run status checks, generate compliance reports, and escalate anything that’s past due. It pairs closely with [[carol-policies]] (Carol Policies) — where the rules live — and with [[quality-scorecard]], which tracks how well Carol’s agents and processes meet standards. If you’re an admin, this is your one-stop shop for “are we following the rules?” answers.\n\n## Usage Patterns\n\nThemis Monitor fires every time a compliance check is completed by Carol’s monitoring systems — for example, when [[agt_003]] (Argus, the Tester) runs a quarterly policy audit, or when [[agt_038]] (Heimdall, Head of Security) flags a configuration drift. The app ingests the findings, groups them by category (e.g. “data retention” or “access controls”), and assigns each one an owner and a target closure date.\n\n**Concrete example:** Let’s say [[agt_042]] (Var, Head of Data Protection & Privacy) discovers that a new agent service is logging customer emails without a retention policy. Var logs the finding into Themis Monitor, tagging it as “high severity.” The app automatically notifies [[agt_011]] (Elrond, Head of Engineering) and the relevant service’s developer. A dashboard updates with a red banner: “2 overdue findings in Data Privacy.” Admin [[agt_029]] then reviews the list weekly, nudges owners, and closes items once a fix is confirmed. No emailed spreadsheets, no lost Post-it notes — just a clean, auditable trail from discovery to done.","namesake_json":"{}","profile_pic_path":"","source_hash":"6fc53c4fbb875de02807b6d8e5887be5e1e2a451accd2b2995fc3cd8f09e8f8a","status":"active","last_generated_at":"2026-07-01 03:26:36","created_at":"2026-07-01 03:26:36","updated_at":"2026-07-01 03:26:36"},"facts":{"id":"carol-audit","name":"Themis Monitor","port":7143,"url":"https://carol.denken-labs.com/dev/audit/","description":"Compliance audit findings and remediation status","owner":"agt_028","dir_name":"audit","card_group":"monitoring","is_public":0,"access_level":"admin","log_name":"audit","gen_nginx":1,"user_admins":"[]"}}