Learn how to manage your audits with or without the auditor
How to manage several audits?
The audit management screen helps you to navigate between the different audits. Each Audit tile (as shown below) will reflect a different framework or a specific product for which the audit will be performed.
The Audit tile includes the following details:
- Framework name
- Product name (if relevant to this
audit) - Audit timeframe
- Audit status
- Distribution of control status
When you click on the Audit tile, it will take you to the list of controls specific to that audit you clicked on.
Also on the Audit tile, you can move between the different audit periods of that specific audit in order to view any past audits or any upcoming audits.
In case you didn't set the timeframe, you can define it here: Learn more about how to set the audit details.
How to manage the Control list?
Control status
The status of the control is categorized into two main sections:
1. Working status:
The working statuses are defined when you are working on the audit. At any point, you will see what control needs your attention in order to complete the evidence-collection process. In this category there are four working statuses:
- Pending: No evidence has been collected for the relevant control.
- In Progress: One or more pieces of evidence have been collected.
- Ready for Review: All the evidence in this control is ready for internal review.
- Internally Approved: The evidence is approved by the company or by Scytale. If the relevant compliance framework includes an auditing process, this status will indicate that the control is ready for the auditor to review.
2. Audit status:
The audit statuses are defined in case your compliance framework includes an auditing process and requires an auditor's approval. In this category, there are three audit statuses:
- Auditor Approval: The auditor approved all the evidence for the relevant control.
- Open Item: The auditor marked at least one monitoring in the "Open Item" state i.e. a piece of evidence was not satisfactory or further explanation of the evidence is required.
- Closed Item: You addressed all the open items in the control. If all the "Open Item" monitoring has been addressed, the control status will be changed to "Closed Item" status.
Criteria View of the List of Controls
In the audit screen, the presentation of the controls can be viewed per criteria or category of the relevant compliance framework as shown below:
Note: This mapping is relevant for some of the framework audits.
Last but not least
✅ Once you understand the control status, make sure you complete the evidence collection and move all the controls to the final state.
✅ As part of the evidence review, verify that all the relevant evidence is displayed in the control. Learn more about How to connect the relevant evidence.