Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 44 Next »


Page Contents


Overview

The first step in the audit setup is providing basic information. The setup can be paused for an indefinite amount of time after this step is completed and resumed when there is enough data to continue. 

Creating the Audit

To create an audit, complete the following steps:

  1. In the left-hand navigation, click the New button and select Audit (External) or Audit (Internal).


    TIP

    Select External audit for the ability to export information to outside auditors. This allows external auditors to prepare a Document Request List (DRL). Select Internal audit when all assessors and verifiers are internal to your organization and don't need the exported information for preparing a DRL. 

    NOTE

    In this step, internal and external audits are the same, with the exception that external audits include two additional fields for auditors and audit firms outside your organization.

Adding Basic Information

On the first step, complete the following fields:

  1. Audit title - Add a name for the audit. This is a required field.

    TIP

    The audit title needs to be unique. The system prompts you to select another heading if there is a duplicate in the system.

  2. Audit managers - These people oversee this particular audit, and it defaults to the person creating the audit. If you are setting up an audit for someone else, set that person as Audit manager. The users added to this field can be the default selections for assessors and verifiers in the audit's assessments.

    NOTE

    To see how users added to the Audit managers field can be selected as assessors or verifiers for the audit's assessments, please see Setting up a Template in Step 4: Generating Assessments

  3. Related program - This is the framework for the audit. If a selection is made, the controls mapped to the program are displayed in Step 2 - Defining the Scope. It is optional.

    NOTE

    For instances using the ZenGRC default storage, Google Drive storage, or customized Amazon Web Services (AWS) storage, you no longer select a storage space for each audit, as it is now globally configured. For more information, please see Integrating Your Storage System. Those who connect to their own Box accounts are still able to select the Box folder designated for each audit's evidence upload. Please see the Box information within Integrating Your Storage System.

  4. The following fields only exist for an external audit:

    1. External auditors (optional) - Select ZenGRC users who need access to the visual display of an audit. Those outside your organization need to be added as a user in the application with Creator access.

    2. Audit firm (optional) - Enter the name of the audit organization.

      NOTE

      If your organization has configured ZenGRC to communicate with your Jira instance, you may have an additional selection in the first step. Please see Creating a Jira Audit.

  5. Click Next. The page for defining the scope is displayed.

    TIP

    When you click Next, the audit is created and is located in the Draft Audit tab. 

    NOTE

    Continue to the next section - Step 2: Defining the Scope.

Other Helpful Content

•  Access and User Assistance 
•  System of Record List Views  
•  Actions on the Details Page 
•  Creating New Objects 
•  Favorites 
•  Quick Tips for End Users (Printable) 
•  Searching the Left-Hand Navigation

  • No labels

© 2021 Copyright Reciprocity, Inc.
https://reciprocity.com