Evidence Collection: How to Create an Evidence Request

Modified on Wed, 28 Sep, 2022 at 2:15 AM

Once Internal Controls have been established, evidence is used to verify the implementation of controls for compliance.

The requisite evidence is often provided by the auditor during the readiness period, generally following a readiness assessment. NOTE: C1Risk will provide you with a readiness assessment for most audit requirements. Contact your account manager or support@c1risk.com

Evidence lists from auditors (sometimes referred to as information Request - IRL’s or  Provided by Client PbC lists) can be bulk uploaded into the 1Risk Platform. Contact support@c1risk.com. We request an SLA of 10 business days, however, escalation is possible.

In the 1Risk platform, you can automate evidence collection in the following ways:

  1. Using API integration to automatically pull data into the 1Risk Platform from your business systems

  2. By Frequency (cadence) or collection: Set up continuous monitoring in your platform by indicating the frequency at which the evidence needs to be collected and verified, either via API or from an evidence owner. The system will automatically run an API call or send out notifications to the evidence owner based on the desired frequency (daily, weekly, monthly, quarterly, etc.)

HELPFUL TIP: Note you can manage your quarterly access review on the 1Risk platform using this methodology - see our training on Quarterly Access Review.


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article