Findings & Corrective Actions
Track and manage all audit findings to ensure timely remediation.
All Findings
A list of all documented findings from audits.
| Finding | Status | Related Control | Auditor | Date | Actions |
|---|---|---|---|---|---|
The fraud risk assessment was conducted but the report was not formally signed off by the executive board. The Risk Management team must obtain formal sign-off for the Q3 Fraud Risk Assessment report from the executive board within 14 days and upload the signed document as evidence. | Open | CC6.1-1 | JJane Doe | ||
Asset inventory does not include cloud assets. Update the asset inventory to include all cloud resources from AWS and GCP accounts. | In Progress | A.8.1.1-C1 | JJohn Smith | ||
Access control policy has not been reviewed in over 18 months. The IT Security team must review and update the access control policy within 30 days. | Resolved | PR.AC-1.1 | JJane Doe |