# How to configure and resolve Sprinto workflow check for Internal Audit

An internal audit serves as a structured review process to evaluate the effectiveness of your organisation’s information security controls, risk management, and compliance practices. Conducting internal audits periodically ensures that gaps are identified early and that your compliance posture remains strong before external audits.

Sprinto’s workflow check helps you track, document, and provide evidence of your **Internal Audit** activity. The collected evidence is later used during compliance audits across frameworks such as ISO 27001, SOC 2, and GDPR.

***

### Before You Begin

Ensure that you:

* Have administrative access to your Sprinto account.
* Know the frequency at which internal audits are to be performed (e.g., quarterly, annually).
* Have access to internal audit reports or summary findings that can be uploaded as evidence.

***

### Configuring the Workflow Check

1. Log in to your Sprinto account as an **Administrator**.
2. Navigate to **Data Library → Workflow Checks**.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2Ff18d6UyOVQR9P3WOYZPh%2FScreenshot%202025-10-21%20at%2010.55.49.png?alt=media&#x26;token=8b4a2336-320b-4add-b24f-f82f76cad7b0" alt="" width="563"><figcaption></figcaption></figure>

3. Click **Create Check → Add from template**.
4. Locate **Internal Audit should be conducted periodically** from the checklist and click **Enable**.
5. On the **Add Workflow Check** page, click **Edit** to:
   * Set the desired frequency (default: every 12 months).
   * Assign responsible personnel and reviewers.
6. Click **Add check**.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FFIKkWNEga20kLOncQMSW%2FScreenshot%202025-10-21%20at%2010.56.55.png?alt=media&#x26;token=56eb67df-e22c-4a1d-a777-7c9e633f0b0b" alt="" width="563"><figcaption></figcaption></figure>

Once enabled, the check status will appear as *Due*, *Critical*, or *Failing* until evidence is uploaded.

***

### Resolving the Check

Here's a short video on how to resolve this workflow check.

{% embed url="<https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FVZPdhyhVy48mDifjQW92%2FConducting%20Internal%20Audit%20Assessment%20with%20Sprinto%20.mp4?alt=media&token=66001717-6846-4011-9597-c44d984d7dfe>" %}

1. Log in to the **Sprinto Admin Portal**.
2. Go to **Data Library → Workflow Checks**.
3. Select the **Internal Audit should be conducted periodically** check.
4. Click **Upload evidence**.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FbhOJwioK43YFCypSv4wV%2FScreenshot%202025-10-21%20at%2010.58.35.png?alt=media&#x26;token=f8614443-6e3a-4e27-bd03-85e0c3dec3d1" alt="" width="563"><figcaption></figcaption></figure>

5. Enter the **Evidence Record Date**, then choose how to upload:
   * **File:** Upload the audit report or summary file directly.
   * **Link:** Provide a link to the internal audit documentation stored securely online.
6. Click **Finish**.

The check will automatically update to *Passing* once the evidence is verified.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2F4KC3vI45IrTl9IVXkIfc%2FScreenshot%202025-10-21%20at%2010.59.48.png?alt=media&#x26;token=76ca9c17-58a6-4e43-afa0-cdda8f014f3a" alt="" width="356"><figcaption></figcaption></figure>

***

### Evidence Requirements

You can provide one or more of the following:

* Internal audit report or summary.
* Evidence of meeting minutes or corrective actions.
* Screenshots of the audit management tool or tracker showing completed audit status.

***

### Frequency

The default frequency is **annual**, but you can adjust it to **quarterly** or **bi-annual** depending on your compliance requirements.