Audits are investigations which primarily evaluate the processes for fulfilling requirements and guidelines. They are conducted by internal or external auditors and take place in irregularly planned intervals or in a case of doubt. After an audit has been completed, an acyclic audit planning takes place in which the discoveries are recorded and processed to ensure an optimal follow-up process.
Important: Configuring internal and external authorities is one of the prime functions of the executive board or managing directors. In the event of culpable breaches, the respective individual is personally liable and must replace the resulting damages.
You can use audit management as a standalone GRC solution or integrate it in risk2value with existing systems for e.g. Risk Management, Internal Control System, etc. Since the methodology is aligned, data from cyclical audits (e.g. that are stored in the ISMS) and acyclic ones are seamlessly integrated. This generates a greater scope of information and a better foundation for making decisions regarding changes.
Example of a dashboard in Audit Management
- Support of the complete audit management process
- Flexible audit planning and scheduling
- Implement complex approval processes with workflows
- Remind contributors to complete measures
- Use vast capabilities to present insights gained through audit management
- Visualize extracts from current audit data graphically at any time
- Generate individual reports for different target groups
- Workflow-driven dashboards with information on current audits and tasks
- Flexible authorization system based on roles and groups
- Tracking for measures, audit findings and work packages
- Collection of various information such as costs, time spent, responsibilities or criticality for individual measures
- Flexible reporting
Thanks to the flexible configuration of risk2value different Audit Management processes can be supported:
- Audit Management
- Audit Tracking
- IT Audit Management