1. Overview report
The story of AI inside the customer. Usage, active users, and the models
actually showing up. Open this first in any review.
2. Audit Log
Proof the policy is doing its job. Every retained prompt over the past
30 days, with policy violations Longwave caught and redacted on their
behalf.
How this turns into value
The two reports answer the two questions every customer eventually asks:- “How is AI being used here?” Overview shows them. They almost never know the real answer before you put this in front of them.
- “What is Longwave actually doing for us?” The Audit Log shows them. Specific people, specific prompts, specific data the policy quietly kept out of ChatGPT.
A pattern that holds up in client meetings
- Start on Reports → Overview. Set the scene: how much AI is happening, who’s using it, which tools dominate.
- Switch to Audit Log. Open one or two interactions where Violations fired. Walk the customer through what was redacted and why.
- Tie it back to the policy they signed off on. This is the policy doing its job, with names attached.
- Recommend one or two policy changes before the next review. Reviews without a decision tend not to recur.
Pick audit log examples that map to the customer’s real risks (PII,
regulated identifiers, internal project names). One concrete redaction is
more persuasive than a chart.
Who needs to see what
- Security and IT lead: policy events, exceptions, posture changes, and what you recommend changing in the policy.
- Business owner or executive sponsor: adoption, approved alternatives, and whether the program is reducing exposure. Not raw event counts.
- Your delivery team: operational signals, deployment health, and follow-ups from the last review.