Ctrlk
Sprinto DashboardAPI Reference

Configure Entities in Audit Evidence

Configure which staff members and risk registers are included in audit evidence to control the records displayed during evidence review.

Entity configuration allows you to control which records are displayed as evidence during an audit. You can include or exclude specific entities so that only relevant data is surfaced to auditors during the evidence review process.

Currently, Sprinto supports configuring the following entities within audit evidence:

  • Staff

  • Risk Registers

When an entity is included in an audit, its associated records are automatically mapped to applicable audit requirements and evidence sets.

Note

Entity-based evidence configuration is available as an on-demand feature. To enable this feature for your organisation, contact the Sprinto Support team.

Configure entities in audit evidence

  1. Log in to the Sprinto Dashboard and navigate to Audits.

  2. Select the audit you want to configure.

  1. Open the Evidence tab.

  2. Click Edit entities in evidences.

The Choose Entities to display in evidences drawer opens and displays all supported entities available for configuration.

Configure staff

  1. In the entity drawer, select Staff.

  1. Choose one of the following options:

    • Select the checkbox beside User to include all staff members.

    • Select individual staff members to include only specific users.

  2. Review the selected staff records.

  3. Click Save.

The selected staff members are included in the audit evidence and become available wherever staff-related evidence is mapped.

Configure risk registers

  1. In the entity drawer, select Risk Registers.

  1. Choose one of the following options:

    • Select the checkbox beside Risk register to include all available risk registers.

    • Select individual risk registers to include specific registers.

  2. Review your selections.

  3. Click Save.

The selected risk registers are included in the audit and their associated records become available as evidence for applicable audit requirements.

View risk register evidence in audit requirements

When Risk Registers are included in an audit, Sprinto automatically maps relevant risk register records to associated controls and requirements.

To review the mapped evidence:

  1. Navigate to the audit's Evidence tab.

  2. Select a requirement that contains risk register evidence.

  1. Open the requirement to view its details.

The requirement page displays:

  • Mapped evidence sets.

  • Associated risk assessment records.

  • Supporting evidence linked to the selected Risk Register.

  • Related documentation and evaluation details.

If multiple Risk Registers are included in the audit, use the Risk Register filter to switch between registers and review evidence records from a specific register.

This helps auditors review risk-related evidence without leaving the audit workflow.

Notes

  • Entity configuration is currently supported for Staff and Risk Registers only. We plan to extend support for more entities soon.

  • Changes apply only to the selected audit.

  • Excluded entities are not displayed as part of the audit evidence.

  • Evidence records are automatically surfaced in applicable requirements when the corresponding entity is included in the audit.

  • If multiple Risk Registers are included, reviewers can filter evidence by register directly from the requirement view.

PreviousUpdate Controls and Criteria for an Automated AuditNextAudit Dashboard States

Last updated