Audits

Responding to hundreds of information requests which need to be fulfilled by different teams is laborious and daunting. With ControlMap’s pre-mapped evidence lists and controls every time your company undergoes a cybersecurity audit, you can be in absolute control. Upload information request lists, Delegate them to the right owners, Collaborate with the auditors, Attach evidence, and Export the audit data, all from a central streamlined system.

 

 

TABLE OF CONTENTS

 

View Audits

  1. Go to Audits
    sOK6ixRUYGO7DBz9MZSuR5IwFKW0lGN0YA.png
     
  2. All the Regulatory Frameworks ready for Audit are visible, along with their status. 
    rPsJ4mwI96O6YjQb5gWF0SeU8xia8odhBg.png

Create Audit

  1. Go to Audits.
    sOK6ixRUYGO7DBz9MZSuR5IwFKW0lGN0YA.png
  2. Click on Create an Audit and enter details for the Audit Program.
    6IlLOhQ8qR1IqQHBiGwT6kxX1sGBz6ZqPw.png
    D6ADz__NL9CvvhgQG_2pSCihyOaXDa7-wQ.png
    • Name - Provide an appropriate name for the audit program.
    • Regulatory framework - Choose the regulatory framework that is ready for audit.
    • Start date and End date - Enter a start date and end date for the audit.
    • Owner - Please choose an appropriate owner for the audit program.
    • Auditor- Please choose an appropriate auditor for the audit program.                                                               

       

      The Auditor search will only show users with Auditor Role.

       

  3. Click on Create a Program. This will create an empty audit program. The empty program can be accessed on the Audit home screen.
  4. Click on Create & upload data request to upload a data request file for the Audit.
    er-zNtgDVcEBGRYc2mbFm93vXcBzybHeEA.png
    A sample data file is available for download.
  5. Click next and map the fields from uploaded data to relevant data request attributes.
  6. dKq41L8E43zQh2AwXvgFZ-EFqij_T3RwKA.png
    Click on Start Import. The created program, along with the data requests, can be reviewed on the Audit Programs screen.

 

Create a Data Request for an existing Audit

  1. Go to Audits.
  2. Choose the audit program from the existing list for which you intend to create the data request.
  3. Click on Create Data Request.
    Wojw84EMQvJC5Zw9ussFsNV-fqCKX7ak5Q.png
     
  4. Enter relevant details to create a data request.
    • Description - Provide a relevant description.
    • Owner - Please choose an appropriate owner for the data request.
    • Auditor - Select an auditor for the data request. The Auditor search will only show users with Auditor Role. 
    • Map Requirements - Search and select the appropriate requirement to map to this data request. Mapping the data request to the right requirement will allow the users to attach pre-collected and existing evidence to the data request.      
      Y7kEu8K6oJ61Crazj2hJCPKIcWAVpmDhdA.png
            
  5. Click CreateThe created data request can be reviewed on the Audit report screen. Click on the Data Request to Edit/View.
    OiqSqMnqQjYfpB8cSdfYmSskh8VoiY9VTg.png
     

Review Data Requests for each Objective

As your business is getting ready to answer audit data requests, ControMap provides a convenient dashboard where you can review objectives for the security framework and the data request status for each objective. 

 

  1. Go to Audit.
  2. Choose an Audit Program and click on it and then click on the View Objectives button.
    fIRGKkEWeF526TA1z7tHIln4eRY-XMYGIQ.png
     
  3. Review the data requests for each objective tied to the security framework chosen for the audit program.
    MzMIG09LXuj1E-ShiXLYMzticxX1qeToYQ.png

Export Audit Data

  1. Go to Audit.
  2. Choose an audit program and click on it and then click on the Export All button.
  3. ControlMap will send you an email when the report is ready for download.