Skip to main content

Audits Page

S
Written by Shannon DeLange
Updated today

The Audits Page in Vanta is your one-stop location for all compliance audit-related information. You can manage reports and timelines from here and connect with your auditors.

Audits Page Overview

  • From the left-hand navigation panel, select Audits

  • There will be two tabs, Active and Competed

N/A is a status for evidence that an auditor has marked not applicable. Only auditors can mark evidence as N/A.

  • The active page details current audits, while the completed page gives you access to previous audits and audit reports.

  • You can filter for specifics, including Audit Firm, Framework, and Status, or search for terms directly from the search bar.

Screenshot 2025-03-03 at 4.43.43 PM.png

  • The Completed page will allow you to view previous audits and download the reports.

  • Audits can be deleted, and audit reports can be downloaded by selecting the three-dot menu.

Screenshot 2023-09-12 at 12.17.40 PM.png

Starting the Audit

  • Audits can be created by selecting +Add Audit

  • From here, you can select the Framework and choose your auditor

    • Do not select an auditor from the dropdown if you prefer to begin the audit process before adding an auditor.

    • The Auditor can be added at a later time by selecting the three-dot menu and choosing Assign to audit firm.

Screenshot 2024-07-12 at 4.43.03 PM.png

  • Select the Framework, enter the full domain of the audit firm, and who will be performing the audit

    • Auditors will have view access to your controls and their supporting evidence (tests, documents, and policies) for the framework that's being audited.

    • Only data encapsulated within the audit window will be visible to your auditors.

    • Auditors can create custom evidence requests if they need additional evidence from you.

    • Auditors won't be able to view employee-sensitive data.

    • Auditors cannot add or modify user access.

Screenshot 2024-06-13 at 2.25.07 PM.png

  • Establish the dates for you Audit window, and select Add Audit

  • Choose the dates for the audit window and which date you would like to give your auditor access to your audit information

  • The early access date will allow for the auditor to access your Vanta instance before the audit window. Early access means the auditor can help you with a readiness check and can ensure that you are audit-ready!

  • Click Add Audit

  • Active audits will be visible from your Active tab on the audit page

  • From here, you can edit the audit dates and view the timeline of your audit

    • Please keep in mind that dates still must be confirmed with your auditor

For SOC 2 Audits

  • If you would like TSCs (Trust services criteria) enabled, please contact the Customer Success team. They will enable this feature in your Vanta instance.

  • When creating a new Audit for SOC 2, you will see TSC (Trust services criteria), you may add or remove options as needed.

  • Once the audit is created, TSCs can be added or removed from the engagement until the audit start date.

  • TSCs can not be edited or removed once the audit begins.

Screenshot 2024-12-09 at 1.21.07 PM.png

Audit Progress

  • The Audit progress bar will visually show your level of audit readiness and any evidence that has been flagged, accepted, or not applicable.

    • N/A is a status for evidence that an auditor has marked not applicable. Only auditors can mark evidence as N/A (in their audit engagement)

Screenshot 2024-07-18 at 4.52.21 PM.png

  • If you need to edit your audit dates, you can do so from the Audit Page

  • Select the three-dot menu of the audit you would like to edit

  • Select Edit Audit Dates

  • Add the appropriate date information

  • Select Save

Screenshot 2023-09-27 at 4.18.56 PM.png

Please note: Only Evidence Requests (document uploads) can have their Audit Evidence status retroactively updated. For example, if a test changed to passing after the Audit window has begun, that piece of evidence will still be marked as Not ready for audit.

Auditor View

  • Select Open Audit to view as an auditor. Viewing as an audit will show you precisely what your auditor has access to in your Vanta account.

Screenshot 2024-07-18 at 4.59.00 PM.png

  • You can view the Auditor's assessment of specific pieces of evidence from the Evidence section of the Auditor's view for a more comprehensive understanding. This is because auditors are able to assess every piece of evidence collected by Vanta in one location.

Screenshot 2024-07-18 at 4.59.57 PM.png

Auditor Comments

With Vanta's Comment section, users can communicate with their auditor in Vanta, keeping all correspondence in one succinct location.

  • From the Audits page, select Open Audit from any current audits

  • From the evidence tab, click on the evidence item you would like to address with your auditor

  • Select the Comments tab

  • View and respond to comments made by your Auditor

  • All Admin and Editor users will get notified of new Auditor comments, and Auditors will be notified of any comments made by Vanta Users

image (1).png
Related Articles
Framework Details Page
Audit Evidence
Adding and Managing Auditors in Vanta
Automated Test History
Approve or Flag Evidence in an Audit