Skip to main content
The Audits page is where you create, manage, and track formal compliance audits. Each audit corresponds to a framework and tracks evidence readiness through the entire audit lifecycle.

Creating an audit

Click New Audit to start. You will need to select:
  • The framework being audited (e.g., SOC 2)
  • The owner responsible for managing the audit
  • The auditor (invited via email)
When you invite an auditor, they receive an email with access to a dedicated audit view. Auditors have limited permissions — they can view and comment on evidence but cannot modify your compliance data.

Audit dashboard

Each audit displays three key sections:

Timeline

Key milestones — when the audit started, when the auditor was assigned, and current status.

Evidence Status

Breakdown of evidence items: Not Ready, Flagged, Ready, Accepted, and Not Applicable.

Compliance Process

Progress bars for Controls, Automated Tests, Policies, and Documents.

Audit statuses

StatusDescription
In ProgressThe audit is active and evidence is being reviewed
CompletedAll evidence has been reviewed and the audit is finalized

Working with your auditor

Auditors can review each piece of evidence and update its status:
  • Accept — the evidence satisfies the requirement
  • Flag — the auditor needs more information or has concerns
  • Not Applicable — the requirement does not apply
Both you and the auditor can leave comments on any evidence item. A comment icon appears next to items with active discussions.
Export your evidence list, policy documents, and control reports directly from the audit detail page to share with auditors who prefer working outside the platform.