Documentation Index
Fetch the complete documentation index at: https://docs.matproof.com/llms.txt
Use this file to discover all available pages before exploring further.
Overview
Matproof’s Audit Programs module lets you run structured internal compliance audits against your frameworks. Create audit programs, assign auditors, work through control checklists, log findings, and generate a final audit report — all in one place.Audit Programs
Plan and scope audits, assign auditors, track progress
Audit Reports
Generate PDF reports with findings, gaps, and recommendations
Audit Dashboard
Upcoming audits, overdue items, findings by severity
External Auditors
Invite external auditors with read-only access
Creating an audit program
Navigate to Audit Programs (/[orgId]/audit-programs) and click New Audit Program.
You will configure:
| Field | Description |
|---|---|
| Framework | The compliance framework being audited (ISO 27001, DORA, etc.) |
| Scope | Which systems, departments, or processes are in scope |
| Auditor | Internal team member or external auditor assigned to lead |
| Schedule | Start date, end date, and any recurring cadence |
Running the audit checklist
Inside a program (/[orgId]/audit-programs/[programId]), the checklist view shows all controls to be reviewed. For each control, the auditor can:
- Mark the control as Conformant, Partial, or Non-conformant
- Add notes on what was reviewed and how
- Attach or request evidence directly from the checklist item
- Log a finding when a gap or deficiency is identified
Logging findings
A finding is a documented gap, deficiency, or non-conformity identified during the audit. Each finding includes:- Title — short description of the gap
- Severity — informational, minor, major, critical
- Linked control — which control it relates to
- Description — detail on what was found and why it is an issue
- Recommendation — suggested remediation
- Status — open, in review, resolved
Inviting external auditors
You can invite external auditors by email from the program’s Auditors tab. External auditors receive the Auditor role, which grants:- Read-only access to controls, evidence, and policies in scope
- Access to their dedicated auditor view at
/[orgId]/auditor - No ability to modify data or settings
External auditors cannot see controls, evidence, or findings outside the specific program they are assigned to.
Generating the audit report
Once the checklist is complete, click Generate Report to produce a PDF audit report. The report includes:- Executive summary — scope, methodology, overall assessment
- Control status summary — conformant, partial, non-conformant counts
- Evidence summary — evidence collected per control
- Findings — all logged findings with severity and recommendations
- Gaps and risks — areas requiring immediate attention
- Recommendations — prioritized remediation steps
/[orgId]/audit-reports) and can be downloaded at any time.
Audit dashboard
The Audit Dashboard (/[orgId]/audit-dashboard) gives a real-time overview of your audit program health:
- Upcoming audits — programs scheduled in the next 30/60/90 days
- Overdue items — checklist items or evidence requests past their due date
- Findings by severity — breakdown of open findings across all programs
- Recent activity — latest updates across active audit programs