REQ-FUN-071
Audit log append-only at DB level (no UPDATE or DELETE granted to app role)
What
The audit log SHALL be append-only at the DB level (no UPDATE or DELETE granted to app role).
Acceptance
Permissions test confirms denial.
Source
OBJ-6.
established project management guidelines Mapping
DB-level append-only is the tamper-resistance property of the audit log.