GrytLabs Research Institute
Research Report · WMI Thesis Series
Decision Lineage & Provenance
Six Traditions, One Missing Layer: A Cross-Tradition Survey of the Structural Gap Between Data Provenance and Organizational Decision Provenance
Cameisha Smith, CIA
ORCID 0009-0002-8178-8380
RR-001  v1.0  ·  Research 2026-01-20  ·  Published 2026-07-06
CC-BY 4.0  ·  DOI 10.5281/zenodo.19862937
Abstract
Organizations make decisions constantly — yet no infrastructure captures why those decisions were made, by whose authority, under what constraints, or with what expected outcomes. This survey examines six independent research traditions spanning five decades: data provenance, design rationale, institutional memory, process mining, AI accountability, and audit compliance. Each tradition independently establishes the requirement for organizational decision provenance and documents the consequences of its absence, but none provides infrastructure that captures decision context as a structural by-product of operation. The W3C PROV standard provides mature data provenance; nothing equivalent exists for decisions. The 50-year design rationale adoption failure is structurally diagnosed through cognitive load theory: every approach requires stepping outside the work to document the work. Institutional memory research confirms that preservation requires structural infrastructure, not better storage. The convergence of six traditions on the same gap — at their intersection, not within any one of them — constitutes the strongest evidence that the gap is architectural, not disciplinary.

"A record that describes the people, institutions, entities, and activities involved in producing, influencing, or delivering a piece of data or a thing."

— Moreau & Missier (2013), W3C PROV-DM Recommendation

Contents
§1Query Objective
§2Executive Summary
§3Literature Review
§4Scope + Limitations
§5Research Synthesis
§6Open Questions
§7Citations & Provenance
Cite As & Publication Notice

§1Query Objective

The Inquiry: Organizational decisions are the unit of governance accountability, yet no infrastructure exists to capture the provenance of decisions — why they were made, by what authority, under what constraints, and with what expected outcomes — as a structural by-product of organizational operation. What is the state of the art across provenance, design rationale, institutional memory, process mining, AI accountability, and audit compliance? Where does each tradition's coverage end? Is the gap between these traditions disciplinary (solvable within existing fields) or structural (requiring new infrastructure)?

Falsifiable formulation: If any existing standard, framework, tool, or research tradition provides infrastructure that captures organizational decision provenance — the full chain of why, by whose authority, under what constraints, with what alternatives considered, and with what expected outcomes — at the moment of action and as a by-product of operation rather than a separate documentation task, then the structural gap claimed here does not exist.

§2Executive Summary

The data-to-decision gap is architectural, not extensional

The W3C PROV specification defines provenance for "a piece of data or a thing." The provenance taxonomy (Buneman's why/where, Cheney's how, Herschel's what-for/what-form/what-from) provides a sophisticated vocabulary — but entirely for data. The questions organizational governance asks operate at a different abstraction level. Data provenance answers: which data influenced this output? Decision provenance must answer: why was this decision made, by whose authority, under what constraints, considering what alternatives, and expecting what outcomes? PROV's Entity/Activity/Agent model does not contain the constructs for authority delegation, constraint context, committed intent, or epistemic classification of knowledge states. The gap is not a missing PROV extension — it is a different layer of the stack.

Singh, Cobbe & Norval (2019) named this gap as "decision provenance" and proposed using data provenance methods to expose "decision pipelines." Their insight was correct — the accountability problem lives in decision chains, not just data chains. But their proposal remains within the data-flow paradigm: trace the data that flows into and out of decisions. The deeper requirement is infrastructure that captures the governance context of the decision itself — the authority, the constraints, the rationale — at the moment of commitment.

Figure 2The data-to-decision gap is architectural: data provenance infrastructure (bottom) is mature and widely deployed; decision provenance infrastructure (top) does not exist
Figure 2. The data-to-decision gap is architectural: data provenance infrastructure (bottom) is mature and widely deployed; decision provenance infrastructure (top) does not exist.
The cognitive load diagnosis resolves the design rationale adoption puzzle

Fifty years of design rationale research (Rittel 1973 → Ahmeti et al. 2024) produced increasingly lightweight documentation approaches without solving the adoption problem. The pattern: IBIS required structured argumentation networks. gIBIS made them graphical. QOC simplified the notation. ADRs reduced it to a template. Lightweight ADRs cut it to a single-page file. Each iteration reduced the burden. None eliminated it.

The cognitive load framework explains why: every approach in this tradition requires extraneous cognitive load — stepping outside the work to document the work. The designer must shift attention from the design decision to the meta-task of recording the design decision. This is not a tooling problem. It is a structural property of the documentation paradigm: when rationale capture is separate from rationale use, it imposes load that practitioners rationally reject. Nonaka & Takeuchi's (1995) SECI model adds depth: design decisions are substantially tacit knowledge — acquired through experience and not fully articulable. Attempting to externalize them after the fact is inherently lossy. The resolution requires making governance context a structural requirement of the operation itself — capturing rationale at the moment of commitment through the structural requirements of governance primitives, not through a separate documentation step.

Institutional memory literature confirms: memory loss is structural, preservation must be structural

Walsh & Ungson's (1991) five retention facilities show that organizational memory is a distributed structural property, not a database. When any facility degrades, memory degrades. Darr, Argote & Epple (1995) provided the empirical anchor: knowledge depreciation is rapid even in standardized service operations (pizza franchises). Benkard (2000) confirmed it in aircraft manufacturing. These findings demolish the naive assumption that storing information prevents memory loss. Pollitt's (2000) four amnesia types — not documented, records lost, archives inaccessible, records available but unused — describe failure modes of storage technology, not of memory infrastructure.

The synthesis across Wegner (1987), Ren & Argote (2011), Ackerman & Halverson (2000), and Fiedler & Welpe (2010) is that memory preservation is a function of organizational structure, not storage capacity. Governance infrastructure that makes decision context a structural by-product of operation addresses the root cause identified by this tradition.

The retrospective/prospective distinction is architecturally fundamental

Process mining (van der Aalst) and data provenance (Buneman/Cheney/Herschel) operate retrospectively — analyzing event logs and data transformation records after the fact. Audit standards (21 CFR Part 11, SOX 404) mandate retrospective records. Design rationale approaches attempt prospective capture but as a separate documentation burden. Kroll (2021) identifies the infrastructure gap explicitly — practitioners lack the tools to meet traceability requirements.

The synthesis reveals that prospective capture — capturing decision context at the moment of action, when reasoning is still active in working memory — is architecturally necessary. And it must be intrinsic to the operation. The xAPI standard (F11) validates that statement-based capture works at scale, but xAPI statements are epistemically flat: any actor can assert anything, no distinction between authoritative declarations and derived inferences, no authority delegation model. The gap between xAPI's deployed capability and governance requirements defines the infrastructure space.

§3Literature Review

F1
Data provenance is mature and standardized; decision provenance has no infrastructure.
Type  convergent (standards analysis + academic survey)
Strength  meta-analytic (W3C PROV-DM, Moreau et al. 2011, Missier et al. 2013)

The W3C PROV Recommendation (2013) provides a stable, widely-deployed data model for tracking data transformation. The PROV-DM specification defines provenance as "a record that describes the people, institutions, entities, and activities involved in producing, influencing, or delivering a piece of data or a thing" (Moreau & Missier 2013). The three core types — Entity ("a physical, digital, conceptual, or other kind of thing with some fixed aspects"), Activity ("something that occurs over a period of time and acts upon or with entities"), and Agent ("something that bears some form of responsibility for an activity") — and six core relations (wasGeneratedBy, used, wasAttributedTo, wasDerivedFrom, wasAssociatedWith, actedOnBehalfOf) are mature infrastructure. Domain-specific extensions exist (ProvONE for scientific workflows, GDPRov for consent tracking). The spec's Entity type does encompass conceptual things, and the core model includes actedOnBehalfOf for basic delegation — so PROV-DM is not limited to data tracking in the narrow sense. But the organizational decision context — why decisions were made, under what constraints, with what alternatives considered, and toward what committed outcomes — exceeds what the model's extension mechanisms (subtyping, expanded relations) can structurally represent, because governance primitives like constraint context, epistemic classification, and decision rationale require infrastructure the PROV data model was not designed to provide.

F2
The provenance research tradition developed a why/where/how taxonomy that is powerful but stops at data.
Type  theoretical (literature synthesis)
Strength  meta-analytic (three field-defining surveys, 2001–2017)

Buneman, Khanna & Tan (2001) formalized the distinction between why-provenance (which source data contributed to a result) and where-provenance (which locations in source databases data was extracted from) at ICDT 2001. Their syntactic approach modeled provenance in relational and XML data contexts. Cheney, Chiticariu & Tan (2009) added how-provenance — the derivation path or process by which output was produced — in their comprehensive survey for Foundations and Trends in Databases. Herschel, Diestelkämper & Ben Lahmar (2017) organized the entire field by three axes: What for (accountability, reproducibility, debugging), What form (annotations, graphs, logs), and What from (eager vs. lazy capture, workflow vs. OS-level). All three foundational surveys operate at the data level. The why/where/how taxonomy answers: which data influenced this output? Where did data originate? How was it transformed? Organizational governance asks fundamentally different questions: why was this decision made? By whose authority? Under what constraints? Considering what alternatives? Expecting what outcomes?

F3
The concept of "decision provenance" has been named, but only as a conceptual proposal without infrastructure specification.
Type  theoretical (conceptual proposal analysis)
Strength  theoretical argument

Singh, Cobbe & Norval (2019) introduced "decision provenance" in IEEE Access, proposing that data provenance methods could expose "decision pipelines" — chains of inputs to, and flow-on effects from, automated decisions — to enhance oversight, auditing, compliance, and user empowerment. Their work emerged from concerns about algorithmic accountability and opacity in systems-of-systems. The contribution is conceptual: they identified the need and proposed a data-flow-oriented approach. They did not provide a formal infrastructure specification — no primitive system, no invariant structure, no operational model for capturing decision rationale at the point of action.

F4
Design rationale research has pursued decision capture for 50 years without achieving widespread industrial adoption.
Type  empirical (50-year longitudinal evidence)
Strength  meta-analytic (16 sources spanning 1973–2024)

The trajectory begins with Rittel & Webber (1973), who introduced "wicked problems" and the Issue-Based Information System (IBIS) — structuring deliberation as Issues, Positions, and Arguments. Conklin & Begeman (1988) implemented this as gIBIS, a graphical hypertext tool for collaborative IBIS networks, at CSCW '88 — demonstrating the concept could be computerized but revealing the adoption problem: users had to step outside their work to construct rationale artifacts. MacLean et al. (1991) introduced QOC (Questions, Options, Criteria) for design space analysis — more structured than IBIS but still a separate artifact. Lee (1997) synthesized the field in IEEE Expert, documenting that "most current design rationale systems fail to consider practical concerns, such as cost-effective use and smooth integration," and identifying seven technical and business barriers. Dutoit et al. (2006) and Burge et al. (2008) compiled comprehensive Springer volumes on rationale management — the existence of these volumes is itself evidence that three decades of work had not resolved the adoption problem. Tyree & Akerman (2005) pivoted to Architecture Decision Records in IEEE Software, proposing a lightweight template (Issue, Assumptions, Alternatives, Decision, Rationale) to make architecture "more transparent and structured." Jansen & Bosch (2005) named "knowledge vaporization" — architectural knowledge lacking first-class representation — at WICSA 2005. Nygard (2011) popularized lightweight ADRs (Title, Context, Decision, Consequences) on the Cognitect blog, achieving widespread adoption. But Ahmeti, Linder, Groner & Wohlrab (2024) at ECSA 2024 documented through action research that even in a company without proper architecture documentation, introducing ADRs faced significant adoption challenges — determining which decisions warrant records, integrating into existing workflows, and scaling documentation practices.

The 50-year pattern: IBIS (1973) → gIBIS (1988) → QOC (1991) → DRL (1997) → ADRs (2005) → Lightweight ADRs (2011) → still struggling with adoption (2024). Each generation reduces capture burden without eliminating the fundamental problem.

F5
The design rationale adoption failure is structurally explained by cognitive load.
Type  theoretical (cross-domain synthesis: cognitive load theory + tacit knowledge theory + adoption evidence)
Strength  theoretical argument (synthesizing cognitive science, knowledge management theory, and 50 years of adoption evidence)

Every design rationale approach — from IBIS through lightweight ADRs — requires extraneous cognitive load: the effort of stepping outside the work to create and maintain separate rationale artifacts. Even Nygard's lightweight format (one-to-two page markdown files) requires practitioners to stop working, open a separate file, write context and consequences, and commit. The burden is reducible but not eliminable within the documentation paradigm. Nonaka & Takeuchi's (1995) SECI model provides additional grounding: design decisions are largely tacit knowledge (acquired through experience, practically useful, not fully articulable). The design rationale tradition attempted externalization — converting tacit to explicit knowledge. Externalization is inherently lossy and effortful. The resolution is not lighter documentation but the elimination of the separate documentation step: making governance context a structural requirement of the operation itself, so that lineage emerges as a by-product of deciding, not a retrospective annotation of having decided.

F6
Institutional memory is distributed, depreciates structurally, and requires structural infrastructure to preserve.
Type  convergent (13 sources across organizational science, management science, information management)
Strength  meta-analytic (empirical evidence from multiple traditions spanning 1987–2019)

Walsh & Ungson (1991) established the foundational framework in the Academy of Management Review, identifying five retention facilities: individuals (personal knowledge), culture (language, frameworks), transformations (procedures, systems), structures (organizational hierarchy, roles), and ecology (external archives, physical workspace). Memory is distributed across these facilities — it is a structural property of the organization, not a single store. When any facility degrades (turnover, restructuring, system migration), memory degrades with it regardless of database capacity.

Stein (1995) defined four memory processes — acquisition, retention, maintenance, retrieval — and stressed that maintenance is the critical bottleneck: memory degrades without active investment. Darr, Argote & Epple (1995) demonstrated empirically in Management Science that knowledge depreciates rapidly even in standardized operations: studying 36 pizza franchise stores over 18 months, they found that "as the organizations gain experience in production, the unit cost of production declines significantly," but "knowledge acquired through learning by doing is found to depreciate rapidly." Benkard (2000) confirmed organizational forgetting as structural in aircraft manufacturing in the American Economic Review. Wegner (1987) introduced transactive memory systems, and Ren & Argote (2011) reviewed 76 empirical studies over 25 years in the Academy of Management Annals, finding that transactive memory depends on relationship stability, shared mental models, and communication infrastructure — all disrupted by organizational change. Ackerman & Halverson (2000) demonstrated through ethnographic study that most organizational memory is informal and embedded in practice. Fiedler & Welpe (2010) confirmed across 122 organizations in Organization Studies that structural design determines what organizations remember.

Pollitt (2000) identified four types of institutional amnesia in Prometheus: (1) significant decisions not documented, (2) records lost, (3) archives inaccessible, (4) records exist but no one thinks to use them. Stark (2019) extended this to government. De Holan & Phillips (2004) distinguished accidental forgetting from intentional unlearning in Management Science.

F7
Process mining demonstrates the power and limit of retrospective event-log analysis.
Type  theoretical (field analysis, acknowledged limitation from founding researcher)
Strength  expert consensus

Van der Aalst (2012) established process mining in ACM TMIS as three capabilities: discovery (constructing models from event logs), conformance checking (comparing models against reality), and enhancement (extending models with additional information). Song & van der Aalst (2008) extended this to organizational mining, analyzing roles, resources, and decision patterns from event data. The critical limitation is structural: event logs record what happened and when, but cannot capture why decisions were made. Decision mining can infer decision patterns from behavioral data but cannot reconstruct rationale, authority basis, constraint context, or alternatives considered. Process mining is powerful retrospective analysis; it cannot provide prospective governance. The distinction between reconstructing patterns from event logs after the fact and capturing governance context at the moment of action is architecturally fundamental.

F8
Traceability is necessary for accountability but the infrastructure to provide it is missing.
Type  theoretical (framework analysis)
Strength  theoretical argument

Kroll (2021) established at ACM FAccT that traceability "connects records of how the system was constructed and what the system did mechanically to the broader goals of governance, in a way that highlights human understanding." Traceability requires establishing "not only how a system worked but how it was created and for what purpose." He explicitly identified a gap between what traceability requires and what practitioners have available: the toolbox is insufficient for full traceability implementation. This maps directly to the structural gap identified across the other five traditions: the requirement is established, the consequences of its absence are documented, but the infrastructure is missing.

F9
AI systems have created urgent new demand for decision provenance that existing infrastructure cannot meet.
Type  convergent (AI governance + accountability research)
Strength  expert consensus (emerging field convergence, 2019–2026)

Mitchell et al. (2019) proposed Model Cards at FAT* 2019 — standardized documentation for ML models covering training data, performance benchmarks, limitations, and intended uses. Gebru et al. (2021) proposed Datasheets for Datasets in Communications of the ACM — documentation of motivation, composition, collection process, and intended uses. Both extend beyond data provenance toward decision provenance: Model Cards capture why models were built and where they perform poorly. Datasheets capture why data was collected and what's excluded. Ojewale, Suresh & Venkatasubramanian (2026) proposed LLM audit trails as "a chronological, tamper-evident, context-rich ledger of lifecycle events and decisions that links technical provenance (models, data, training and evaluation runs, deployments, monitoring) with governance records (approvals, waivers, and attestations)." The AI accountability infrastructure being constructed piecemeal — model cards + datasheets + ML-BOMs + audit trails — addresses the same need that governance infrastructure could provide structurally.

F10
Audit trail standards mandate WHO/WHAT/WHEN but structurally omit WHY and BY WHAT AUTHORITY.
Type  empirical (regulatory standards analysis)
Strength  expert consensus

Regulatory frameworks (21 CFR Part 11, SOX Section 404, HIPAA, ISO 9001, ISACA standards) consistently require records of actions taken, by whom, and when. None requires decision rationale, authority basis, alternatives considered, or expected outcomes. Pollitt's (2000) four types of institutional amnesia apply directly: the "why" is either not documented (type 1), lost (type 2), inaccessible (type 3), or ignored (type 4). The gap across all audit standards is not merely an omission — it is the structural source of expensive retrospective reconstruction of decision context from fragmentary evidence, after decision-makers' understanding has degraded or departed.

F11
The closest deployed prior art for statement-based organizational capture is xAPI (IEEE 9274.1.1-2023).
Type  empirical (deployed standard analysis)
Strength  experimental (IEEE-standardized, production-deployed)

xAPI captures learning experiences as Actor-Verb-Object JSON statements stored in a Learning Record Store (LRS). IEEE-standardized and deployed across education, defense, and corporate training. The standard defines "actor," "verb," and "object" as required statement components, with verbs defined by communities of practice rather than by the standard itself. xAPI validates the pattern: statement-based capture works at organizational scale. It reveals the gap: no governance primitives (any actor can assert anything), no truth type system (all statements are epistemically equal), no authority model (no delegation chains), no organizational state representation.

F12
The "requirements without infrastructure" meta-pattern is validated across six independent research traditions.
Type  convergent (six-tradition synthesis)
Strength  theoretical argument (convergent validation)

Data provenance (F1–F2), design rationale (F4–F5), institutional memory (F6), process mining (F7), AI accountability (F9), and audit compliance (F10) independently converge on the same structure: the requirement for organizational decision provenance is well-established, the consequences of its absence are well-documented, but no infrastructure makes it a structural by-product of organizational operation. The convergence across traditions with different assumptions, methods, and vocabularies arriving at the same boundary is stronger evidence than any single tradition's argument, because the gap is structural — it exists at the intersection of fields, not within any one of them.

Figure 1Six independent research traditions converge on the same structural gap: each provides partial infrastructure for decision provenance, but none spans the full requirement
Figure 1. Six independent research traditions converge on the same structural gap: each provides partial infrastructure for decision provenance, but none spans the full requirement.
F13
The data lineage market validates lineage value while confirming the decision lineage gap.
Type  empirical (market analysis with expanded prior art comparison)
Strength  expert consensus (industry survey + structural differentiation analysis)

Enterprise tools (Apache Atlas, DataHub, Collibra, Informatica, Alation, MANTA) provide technical data lineage — tracking transformations through ETL pipelines, databases, and analytics platforms. Enterprise investment validates the pattern: organizations will pay for lineage infrastructure. No tool provides governance primitives, authority delegation chains, truth type systems, or organizational decision provenance. The market gap mirrors the academic gap.

Three market leaders warrant structural differentiation from DLP architecture:

Collibra AI Agent Registry. Collibra positions AI agents as "governance participants" — agents that propose metadata tags, lineage suggestions, and governance recommendations within the Collibra knowledge graph. The registry is a deployment mechanism for agents to participate in metadata governance. Structural difference from DLP: Collibra's knowledge graph is an asset repository (what data exists, how it relates) and an agent can propose changes to this repository. DLP is a governance protocol (why decisions are made, by what authority, under what constraints) and agents are constrained as AI-Assistive and AI-Agentic non-principals. Collibra invites agents into governance decisions as active proposers; DLP constrains agents to support and inform human decision-makers. This is an important architectural boundary: Collibra is centralized governance-by-agents; DLP is decentralized governance-with-agents. The two are not competitive because they operate at different abstraction levels — Collibra manages metadata asset governance, DLP governs the decisions about assets.

Alation "decision trace" concept. Alation captures "decision trace" as the implicit chain of SQL queries, transformations, and lookups that together implement a business decision (e.g., "determine customer credit risk"). The trace reconstructs decision logic from data pipeline evidence. Structural difference from DLP: Alation's decision trace is retrospective (reconstructed from pipeline evidence after the fact). DLP captures decision context prospectively (authority, constraint, alternatives, expected outcomes recorded at decision-making time). Alation answers "what sequence of operations led to this output?" DLP answers "why was this decision made, by whom, under what constraints?" These are complementary — a retrospective trace of operations paired with prospective decision context would provide full auditability. But Alation does not capture or enforce the governance context that DLP provides.

Convergence with DLP: Both Collibra and Alation represent sophisticated deployments of the data lineage paradigm within enterprises. Neither crosses into decision provenance infrastructure because neither constrains authority, enforces constraint context at decision time, or manages the escalation of governance questions from technical lineage to organizational accountability. DLP's differentiation is architectural — the protocol level (not tool level) that makes governance context structural.

§4Scope + Limitations

Included:
Excluded (with reasons):
Known gaps:
Confidence:

§5Research Synthesis

C1
The gap between data provenance and decision provenance is structural, not disciplinary.
Confidence  strongly supported
Based on  F1, F2, F3, F4, F6, F7, F8, F9, F10, F12

No individual field can close the gap because it exists at their intersection. Each field addresses its slice without providing infrastructure that spans all of them. The gap persists not because any field has failed, but because the infrastructure operates at a different abstraction level than any individual tradition.

C2
The 50-year design rationale adoption failure is structurally explained by cognitive load, not insufficient tooling.
Confidence  strongly supported
Based on  F4, F5

Each generation of tools reduced documentation burden without eliminating extraneous cognitive load. The pattern from IBIS (1973) through ECSA 2024 action research demonstrates that the problem is the documentation paradigm itself, not the specific tool.

C3
Institutional memory loss is structural, requiring structural infrastructure rather than better storage.
Confidence  strongly supported
Based on  F6

Organizations lose decision context because memory is distributed across retention facilities that degrade under organizational change, not because databases are insufficient.

C4
Decision provenance must be captured prospectively and intrinsically, not reconstructed retrospectively.
Confidence  strongly supported
Based on  F2, F7, F8, F10

Process mining, event logs, and post-hoc documentation cannot reconstruct decision rationale, authority basis, or constraint context. Prospective capture at the moment of action, as a structural by-product of the operation, is architecturally necessary.

C5
The "requirements without infrastructure" meta-pattern originates here and validates across the research program.
Confidence  strongly supported
Based on  F12 + cross-sprint validation

Six independent traditions converge. Nine subsequent sprints confirm the pattern in independent domains. The convergence is the research program's founding observation.

§6Open Questions

Questions carried forward to the open-question registry
1
Can the cognitive load diagnosis be empirically validated? The theoretical argument (F5) is strong but a controlled study comparing documentation-burden approaches against intrinsic-capture approaches would provide direct evidence.
2
How do emerging AI governance regulations relate to the audit trail gap? EU AI Act conformity assessment, NIST AI RMF, and emerging LLM audit requirements (Ojewale et al. 2026) may create new regulatory demand for decision provenance infrastructure.
3
What is the relationship between FAIR data principles and decision provenance? FAIR (Findable, Accessible, Interoperable, Reusable) governs data stewardship. FAIR for decisions — not yet formalized — would be a natural extension.
4
Does Stalla-Bourdillon's legal/data-protection work on provenance represent a separate tradition worth engaging? The attribution error (F3) revealed that Stalla-Bourdillon works on provenance from a legal/data-protection perspective (VUB, Immuta). Her work on regulatory requirements and explanations for automated decisions may complement Singh et al.'s decision provenance concept from a legal accountability angle.

§7Citations & Provenance

Provenance Standards & Foundations
1. Moreau, L. & Missier, P. (2013). "PROV-DM: The PROV Data Model." W3C Recommendation. https://www.w3.org/TR/prov-dm/
2. Lebo, T., Sahoo, S. & McGuinness, D. (2013). "PROV-O: The PROV Ontology." W3C Recommendation. https://www.w3.org/TR/prov-o/
3. Moreau, L. et al. (2011). "The Open Provenance Model core specification (v1.1)." Future Generation Computer Systems, 27(6), 743–756.
4. Buneman, P., Khanna, S. & Tan, W.-C. (2001). "Why and Where: A Characterization of Data Provenance." Proc. ICDT 2001, pp. 316–330. LNCS 1973, Springer.
5. Cheney, J., Chiticariu, L. & Tan, W.-C. (2009). "Provenance in Databases: Why, How, and Where." Foundations and Trends in Databases, 1(4), 379–474.
6. Herschel, M., Diestelkämper, R. & Ben Lahmar, H. (2017). "A Survey on Provenance: What for? What form? What from?" The VLDB Journal, 26(6), 881–906.
7. Simmhan, Y., Plale, B. & Gannon, D. (2005). "A Survey of Data Provenance in e-Science." ACM SIGMOD Record, 34(3), 31–36.
8. Missier, P., Belhajjame, K. & Cheney, J. (2013). "The W3C PROV family of specifications for modelling provenance metadata." Proc. EDBT 2013.
Decision Provenance
9. Singh, J., Cobbe, J. & Norval, C. (2019). "Decision Provenance: Harnessing Data Flow for Accountable Systems." IEEE Access, 9, 6562–6574. arXiv:1804.05741.
Traceability & Accountability
10. Kroll, J. A. (2021). "Outlining Traceability: A Principle for Operationalizing Accountability in Computing Systems." ACM FAccT 2021. arXiv:2101.09385.
11. Ojewale, V., Suresh, H. & Venkatasubramanian, S. (2026). "Audit Trails for Accountability in Large Language Models." arXiv:2601.20727.
Design Rationale (chronological)
12. Rittel, H. W. J. & Webber, M. M. (1973). "Dilemmas in a General Theory of Planning." Policy Sciences, 4(2), 155–169.
13. Conklin, J. & Begeman, M. L. (1988). "gIBIS: A Hypertext Tool for Exploratory Policy Discussion." Proc. CSCW 1988.
14. MacLean, A., Young, R. M., Bellotti, V. M. E. & Moran, T. P. (1991). "Questions, Options, and Criteria: Elements of Design Space Analysis." Human-Computer Interaction, 6(3–4), 201–250.
15. Lee, J. (1997). "Design Rationale Systems: Understanding the Issues." IEEE Expert, 12(3), 78–85.
16. Dutoit, A. H., McCall, R., Mistrik, I. & Paech, B. (2006). Rationale Management in Software Engineering. Springer.
17. Burge, J. E., Carroll, J. M., McCall, R. & Mistrik, I. (2008). Rationale-Based Software Engineering. Springer.
18. Tyree, J. & Akerman, A. (2005). "Architecture Decisions: Demystifying Architecture." IEEE Software, 22(2), 19–27.
19. Jansen, A. & Bosch, J. (2005). "Software Architecture as a Set of Architectural Design Decisions." Proc. WICSA 2005, pp. 109–120.
20. Nygard, M. (2011). "Documenting Architecture Decisions." Cognitect Blog, November 15, 2011.
21. Ahmeti, B., Linder, M., Groner, R. & Wohlrab, R. (2024). "Introducing Architecture Decision Records in Practice: An Action Research Study." Proc. ECSA 2024, Springer.
22. Buckingham Shum, S., Selvin, A., Sierhuis, M., Conklin, J., Haley, C. & Nuseibeh, B. (2006). "Hypermedia Support for Argumentation-Based Rationale: 15 Years On from gIBIS and QOC." In Rationale Management in Software Engineering, Springer, pp. 111–132.
Institutional Memory
23. Walsh, J. P. & Ungson, G. R. (1991). "Organizational Memory." Academy of Management Review, 16(1), 57–91.
24. Stein, E. W. (1995). "Organization Memory: Review of Concepts and Recommendations for Management." Int'l Journal of Information Management, 15(1), 17–32.
25. Argote, L. (2013). Organizational Learning: Creating, Retaining and Transferring Knowledge (2nd ed.). Springer.
26. Darr, E. D., Argote, L. & Epple, D. (1995). "The Acquisition, Transfer, and Depreciation of Knowledge in Service Organizations: Productivity in Franchises." Management Science, 41(11), 1750–1762.
27. Benkard, C. L. (2000). "Learning and Forgetting: The Dynamics of Aircraft Production." American Economic Review, 90(4), 1034–1054.
28. Wegner, D. M. (1987). "Transactive Memory: A Contemporary Analysis of the Group Mind." In Theories of Group Behavior, Springer, pp. 185–208.
29. Ren, Y. & Argote, L. (2011). "Transactive Memory Systems 1985–2010: An Integrative Framework of Key Dimensions, Antecedents, and Consequences." Academy of Management Annals, 5, 189–230.
30. Ackerman, M. S. & Halverson, C. A. (2000). "Reexamining Organizational Memory." Communications of the ACM, 43(1), 58–64.
31. Fiedler, M. & Welpe, I. M. (2010). "How do Organizations Remember? The Influence of Organizational Structure on Organizational Memory." Organization Studies, 31(3), 381–407.
32. Pollitt, C. (2000). "Institutional Amnesia: A Paradox of the 'Information Age'?" Prometheus, 18(1), 5–16.
33. Stark, A. (2019). "Explaining Institutional Amnesia in Government." Governance, 32(3), 471–489.
34. de Holan, P. M. & Phillips, N. (2004). "Remembrance of Things Past? The Dynamics of Organizational Forgetting." Management Science, 50(11), 1603–1613.
Tacit Knowledge
35. Nonaka, I. & Takeuchi, H. (1995). The Knowledge-Creating Company. Oxford University Press.
Process Mining
36. van der Aalst, W. M. P. (2012). "Process Mining: Overview and Opportunities." ACM TMIS, 3(2), art. 7, pp. 1–17.
37. van der Aalst, W. M. P. (2016). Process Mining: Data Science in Action (2nd ed.). Springer.
38. Song, M. & van der Aalst, W. M. P. (2008). "Towards Comprehensive Support for Organizational Mining." Decision Support Systems, 46(1), 300–317.
AI Provenance
39. Mitchell, M. et al. (2019). "Model Cards for Model Reporting." Proc. FAT 2019*, pp. 220–229.
40. Gebru, T. et al. (2021). "Datasheets for Datasets." Communications of the ACM, 64(12), 86–92.
Standards
41. IEEE 9274.1.1-2023. "Experience API (xAPI)." IEEE Standards Association.
42. U.S. FDA. 21 CFR Part 11 — Electronic Records; Electronic Signatures.
43. U.S. Congress. Sarbanes-Oxley Act of 2002, Section 404.
44. U.S. HHS. Health Insurance Portability and Accountability Act (HIPAA).
45. ISO 9001 — Quality Management Systems.
46. ISACA — Information Systems Audit and Control Standards.
Cite As

Smith, C. (2026). Decision Lineage & Provenance (Research Report RR-001, WMI Thesis). GrytLabs Research Institute. https://doi.org/10.5281/zenodo.19862937

© 2026 GrytLabs Dynamics Inc. Licensed under CC-BY 4.0.

Research Ethics Statement

This research is conducted under the GrytLabs Research Code of Ethics, derived from the IIA Code of Ethics and the GAO Yellow Book ethical framework, adapted for a research-institute context.

Four principles govern all research activity:

Integrity — findings are reported as found, not as convenient. Unfavorable results are published with the same rigor as favorable ones.

Objectivity — research questions are framed to be falsifiable. Conflicts of interest (including the founder's dual role as researcher and patent holder) are disclosed, not resolved by assertion.

Confidentiality — disclosure levels (L0–L3) govern what appears in public research. Embargoed findings, IP-critical details, and pre-publication material are withheld per the Disclosure Discipline (GOV-PS-006), not suppressed.

Competency — claims are bounded by the evidence that supports them. Architectural claims cite spec sections. Empirical claims cite research artifacts. Claims that exceed available evidence are flagged as open questions, not presented as conclusions.

The Executive Director is a Certified Internal Auditor (CIA), Institute of Internal Auditors, personally bound by the IIA Code of Ethics as a condition of that credential. This is a personal attestation, not an institutional conformance claim — GrytLabs has not undergone an IIA Quality Assessment Review and does not claim IPPF conformance.

The governing traditions (IIA, GAO, AICPA, COSO) are formally mapped to the operating model in GOV-PS-001. This research applies the principles those traditions codify; it does not claim endorsement, review, or certification by any standards body.

Publication Notice

Disclaimer

This publication is provided for research and informational purposes. GrytLabs makes reasonable efforts to ensure accuracy but does not warrant that this publication is free of errors or omissions.

If you believe this publication contains errors, omissions, or misattributions, please contact the lab at research@grytlabs.ai. Corrections will be acknowledged in subsequent versions.

AI-Assisted Research Statement

This work was produced through AI-assistive collaboration under GrytLabs' AI-assistive collaboration disclosure protocol. Claude (Anthropic) participated in literature synthesis, cross-domain pattern identification, and argumentation structuring. OpenAI Codex participated in citation and accuracy verification. AI actors participate with delegated authority, never inherent authority. Responsibility for all findings, claims, and conclusions rests with the named author.

Provenance

Full workpaper with attestation and provenance chain available at research.grytlabs.ai/docs. DOI: 10.5281/zenodo.19862937