Audit service would ideally support map-reduce-style analytics.
Evidence of fixity checking on a "routine basis", and with logs "stored separately or protected separately from the AIPs themselves" should be available.
Fedora 4 REST API should support dissemination of event/audit information.