# Overview Sprinto’s **Audit** module empowers your organisation to manage audits confidently and systematically. Whether you're undergoing a compliance audit, internal assessment, or external review, the Audits section centralises all related activities—enabling InfoSec teams, auditors, and business stakeholders to collaborate effectively. This module supports both **partner audits**, which are linked to specific frameworks (such as SOC 2, ISO 27001, or GDPR), and **custom audits**, which can be tailored to suit internal policies or third-party requests.

*** ### Key Benefits * **Streamlined management** of audit tasks, deadlines, and responsibilities. * **Real-time visibility** into audit progress and evidence collection. * **Automated documentation** and reporting, reducing manual overhead. * **Seamless auditor collaboration**, with granular access control. * **Integrated with controls and evidence** across your systems via Sprinto’s compliance engine. *** ### Types of Audits in Sprinto

Audit Type	Description
Partner Audit	Tied to a compliance framework (e.g. SOC 2, ISO 27001). Uses pre-defined requirements mapped to controls.
Custom Audit	Flexible audit setup, allowing you to define your own checklist or respond to ad hoc auditor requests.

{% hint style="info" %} You can access **Custom Audits** only if you are on **Plan 3 or Plan 4**. Users on **Plan 1 or Plan 2** have access to **Partner Audits** only. {% endhint %} *** ### Core Components

Component	Description
Audit Events	Instances that represent a scheduled audit (e.g. “SOC 2 Type II – Q1 2025”).
Evidence Collection	The process of uploading, verifying, and mapping documents to audit requirements.
Tasks	Assigned action items for evidence owners and stakeholders.
Audit Dashboard	A visual interface that provides a high-level view of audit progress and status.
Lifecycle Reporting	Insights into audit stages, completion rates, and findings to support internal reviews and board reporting.

*** ### Use Cases

Scenario	How Sprinto Audits Help
Preparing for a scheduled SOC 2 audit	Use the integrated audit workflow to track evidence, manage tasks, and collaborate with your auditor.
Responding to a customer security assessment	Create a custom audit event and upload specific documents requested by the customer.
Running internal policy audits	Configure a custom audit to validate internal controls and processes periodically.
Managing multi-framework compliance audits	Conduct and track audits across frameworks like ISO, HIPAA, and GDPR in a centralised manner.
Tracking audit outcomes and stakeholder tasks	Monitor progress, assign responsibilities, and generate reports for leadership and board presentations.

*** ### When to Use the Audit Module Use the Audit module when: * You’re preparing for a framework-based audit like SOC 2 or ISO 27001. * You need to conduct internal audits for governance and risk management. * A customer or third party requests evidence or assessment documentation. * You want to track the status of ongoing and completed audits in one place. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sprinto.com/audits/overview.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.