This article explores a novel architecture that couples retrieval‑augmented generation, prompt‑feedback cycles, and graph neural networks to let compliance knowledge graphs evolve automatically. By closing the loop between questionnaire answers, audit outcomes, and AI‑driven prompts, organizations can keep their security and regulatory evidence up‑to‑date, reduce manual effort, and boost audit confidence.

Modern SaaS firms face an avalanche of security questionnaires, vendor assessments, and compliance audits. While AI can accelerate answer generation, it also introduces concerns about traceability, change management, and auditability. This article explores a novel approach that couples generative AI with a dedicated version‑control layer and an immutable provenance ledger. By treating each questionnaire response as a first‑class artefact—complete with cryptographic hashes, branching history, and human‑in‑the‑loop approvals—organizations gain transparent, tamper‑evident records that satisfy auditors, regulators, and internal governance boards.

This article explores the design and implementation of an immutable ledger that records AI‑generated questionnaire evidence. By combining blockchain‑style cryptographic hashes, Merkle trees, and retrieval‑augmented generation, organizations can guarantee tamper‑proof audit trails, satisfy regulatory demands, and boost stakeholder confidence in automated compliance processes.