The Audits page tracks internal reviews and certification assessments.
Audit types
| Type | Description |
|---|---|
| Internal Review | Self-conducted review of controls and evidence before submission |
| CE Basic Submission | The formal self-assessment questionnaire submitted to a certification body |
| CE Plus Assessment | Hands-on technical verification by an accredited assessor |
Findings
Each audit can have findings classified as:
- Non-Compliance — Requirement not met; must be remediated for certification
- Observation — Area for improvement that doesn't block certification
- Improvement — Suggestion for enhancing controls beyond minimum requirements
Track each finding through its lifecycle: Open → In Progress → Remediated → Verified.