Evidence Locker Template.
Eight sections covering the artifacts buyers actually ask for in security reviews. For each item, track whether the artifact is present, who owns it, when it was last reviewed, and where it lives. Browser-only — your checkmarks never leave this tab. Download the structure as JSON or copy as a markdown index, then mirror it in your own drive.
What this is — and is not
What it is: a folder structure for the artifacts you already have. Organizing evidence well shortens security reviews, gives your auditor a starting point, and means the next buyer's questionnaire takes hours instead of weeks.
What it isn't: a compliance certification, a substitute for an audit, or legal advice. A complete locker does not make you SOC 2 compliant, ISO 27001 certified, HIPAA covered, or anything else. The artifacts still need to be true. The audit conversation is still yours to have.
The eight sections mirror what comes up most often in SIG, CAIQ, and VSA security questionnaires — and what the AI Procurement Pulse measurement framework expects to find published. Pair with the AI System Card Builder for the AI-specific layer.