Step 6 - Automated Evidence Collection: Upload Your Data / PBC /IRLs

Modified on Fri, 14 Jul, 2023 at 12:45 PM

How to Map Evidence, IRL, “Provided by Client” Lists

Evidence records can be associated to one or more internal controls in the C1Risk platform and are used to provide the documentation / evidence required by auditors to validate that the implementation of your compliance controls (internal controls) and compliance with the relevant regulatory requirement or standard.

For external audits, your auditor should provide a list of required documents and data to provide during audit. This list is often referred to as your IRL (Information Request List) or PBC List (Provided by Client). This list is also included in your SOC 2 Type 2 reports, along with the internal controls used to implement your SOC 2 Type 2 Certification.  For more information on how/where to find your evidence list, contact C1Risk: Submit a ticket : C1Risk Training Portal (freshdesk.com)

Evidence Collection / Continuous Monitoring

Bulk Import Your Evidence Requirements to C1Risk using a .CSV template, or by providing your report to support. Submit a ticket here: Submit a ticket : C1Risk Training Portal (freshdesk.com) or use the attached template.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article