The most critical piece of the audit experience in Comply is the requests. There are a few ways to create and manage requests to make it easy to be audit-ready.
When creating a new Audit in Comply, you're able to upload a csv request list from an auditor to make it simple to get all of your requests in the system. You can think of each request list as a csv file for a single round of auditor questions. Each request list may contain many requests, where a single request is something like "System configuration standard documents or system hardening documentation for all systems (including router)"
During the audit creation:
- Give your audit a name, coverage period, and ticket due date
- Import your request list (or press cancel to create requests manually, one at a time)
- File type must be a CSV
- The first column must have a header "id", all in lowercase and without quotes. This column should contain a unique identifier for each request.
- The second column must have header "description", all in lowercase and without quotes. This column should contain an explanation of the purpose of the request.
- There should be no additional columns other than those specified in the previous steps
- There must be one row per item in the request list
You can generate a request list from most auditor's portals
If your external auditor has a portal through which they've asked you to submit evidence, in most cases you can generate a CSV export of what they're asking for directly from their portal. This will save you time as you map evidence items to their request list.
If you don't bulk upload your requests, or if you need to add additional requests after the bulk upload you're able to create requests.
- Simply use the Add Request button in the top right
Updated 9 days ago
Learn how to manage requests such as mapping evidence to them and completing them