# How it Works

Understand the end-to-end flow of how to manage audits in Sprinto. From setting up an audit event to tracking tasks and outcomes, Sprinto’s audit workflow ensures you're always in control and audit-ready.

***

### Workflow

Given below is a complete end-to-end flow of how an Audit works.

<figure><img src="/files/EJss5420LYvzBeBzLy4G" alt=""><figcaption></figcaption></figure>

#### Step 1: Create an Audit Event

Start by creating a new audit event—this represents a scheduled audit, such as "SOC 2 Type II – Q1 2025".

You can choose between:

* **Partner Audit:** Pre-configured based on your selected framework (e.g. SOC 2, ISO 27001).
* **Custom Audit:** Fully flexible, suited for internal reviews or customer questionnaires.

{% hint style="info" %}

* You can duplicate past audits to maintain consistency.
* Add relevant metadata like the audit period, zone, and auditor.
  {% endhint %}

***

#### Step 2: Assign Tasks and Upload Evidence

Once your audit event is created, Sprinto automatically maps relevant controls and requirements to the audit.

* Assign tasks to evidence owners across your organisation.
* Upload supporting documents and link them to the mapped requirements.
* Maintain status updates across these tasks for better visibility.

{% hint style="info" %}

* Use pre-mapped controls and evidence from existing integrations.
* The same document can be reused across multiple requirements where applicable.
  {% endhint %}

***

#### Step 3: Internal Review and Auditor Access

Before submission, perform an internal review to ensure all requirements are complete.

* Mark requirements as "Ready for Audit".
* Share secure, read-only access with your auditor.
* Use the auditor view to simulate what they will see.

{% hint style="info" %}

* You can revoke auditor access at any time.
* Sprinto maintains an audit log of all shared content for transparency.
  {% endhint %}

***

#### Step 4: Monitor Audit Progress and Report Outcomes

Track audit progress using the Audit Dashboard and Lifecycle Reporting.

* View overall completion status and requirement breakdowns.
* Identify pending tasks and overdue items.
* Export reports for internal reviews or board reporting.

{% hint style="info" %}

* Use the Lifecycle Reporting section to monitor each phase—from evidence collection to final audit closure.
* Reports are available for both partner and custom audits.
  {% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sprinto.com/audits/how-it-works.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.