# How it Works

Understand the end-to-end flow of how to manage audits in Sprinto. From setting up an audit event to tracking tasks and outcomes, Sprinto’s audit workflow ensures you're always in control and audit-ready.

***

### Workflow

Given below is a complete end-to-end flow of how an Audit works.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FxzR6aMotVAY4TfbOu5px%2Fimage%20(11).png?alt=media&#x26;token=c543ec3a-1076-4671-8e07-2b381612d808" alt=""><figcaption></figcaption></figure>

#### Step 1: Create an Audit Event

Start by creating a new audit event—this represents a scheduled audit, such as "SOC 2 Type II – Q1 2025".

You can choose between:

* **Partner Audit:** Pre-configured based on your selected framework (e.g. SOC 2, ISO 27001).
* **Custom Audit:** Fully flexible, suited for internal reviews or customer questionnaires.

{% hint style="info" %}

* You can duplicate past audits to maintain consistency.
* Add relevant metadata like the audit period, zone, and auditor.
  {% endhint %}

***

#### Step 2: Assign Tasks and Upload Evidence

Once your audit event is created, Sprinto automatically maps relevant controls and requirements to the audit.

* Assign tasks to evidence owners across your organisation.
* Upload supporting documents and link them to the mapped requirements.
* Maintain status updates across these tasks for better visibility.

{% hint style="info" %}

* Use pre-mapped controls and evidence from existing integrations.
* The same document can be reused across multiple requirements where applicable.
  {% endhint %}

***

#### Step 3: Internal Review and Auditor Access

Before submission, perform an internal review to ensure all requirements are complete.

* Mark requirements as "Ready for Audit".
* Share secure, read-only access with your auditor.
* Use the auditor view to simulate what they will see.

{% hint style="info" %}

* You can revoke auditor access at any time.
* Sprinto maintains an audit log of all shared content for transparency.
  {% endhint %}

***

#### Step 4: Monitor Audit Progress and Report Outcomes

Track audit progress using the Audit Dashboard and Lifecycle Reporting.

* View overall completion status and requirement breakdowns.
* Identify pending tasks and overdue items.
* Export reports for internal reviews or board reporting.

{% hint style="info" %}

* Use the Lifecycle Reporting section to monitor each phase—from evidence collection to final audit closure.
* Reports are available for both partner and custom audits.
  {% endhint %}