Compliance 360, a provider of enterprise governance, risk, and compliance solutions, has expanded its solution footprint with the addition of a new, integrated application for managing internal audits.

The new Internal Audit application was built from the ground up with the same design concepts and features that support the rest of the applications in Compliance 360’s GRC Suite. Key capabilities of Compliance 360 Internal Audit include:

  • A centralized repository of all audit plans, workpapers, audit work programs, findings, reports, and follow-ups;

  • Comprehensive audit plan management throughout the life-cycle of each audit, including resource assignments and workplan creation;

  • Automatic generation of audit workpapers directly from workplan;

  • Complete meeting management with tracking of meeting agendas, attendance, and minutes;

  • Audit task management with fully automated and customizable workflow;

  • Central management and extensive reporting of audit findings;

  • Documentation of recommendations, management responses, and oversight of remediation projects; and

  • Sophisticated capabilities for creating, managing, and analyzing customizable surveys for any size organization.


In addition, Internal Audit is seamlessly integrated with the rest of Compliance 360’s applications. Highlights of these built-in connections include:

  • Integration with Regulatory Compliance and Policy Management. In many organizations, a large percentage of internal audits are focused on regulatory compliance, policies, and procedures. With the ability to link internal audits with policies and procedures in Compliance 360, organizations can greatly simplify the work of Internal Auditors and promote more effective collaboration.

  • Integration with the Virtual Evidence Room, linking all audits and findings to specific relevant risks, laws, regulations, policies, surveys, and incidents. With minimal overhead, organizations can maintain a constant state of readiness for external reviews and exams.

  • Integration with Enterprise Risk Management, including annual risk assessments; Configurable scoring and prioritization using graphical heat maps; streamlined set-up and execution of assessment questionnaires with reusable questions, response sets and question templates, and documentation of control tests.


Organizations can leverage this integration to direct internal audits toward the areas of greatest risk, and in turn, feed selected audit findings back into the risk model to maintain up-to-date, comprehensive risk assessments.