Welcome! Please answer on behalf of your team or function, reflecting the past 12 months unless otherwise noted. If unsure, choose Not sure or skip. Your input helps us prepare effectively while minimizing effort.
Please answer for your team or function, using the last 12 months unless specified.
Which attestations or audits are expected to apply to your area in the next 12 months? Select all that apply.
- SOC 2
- ISO 27001
- ISO 27701
- PCI DSS
- HIPAA
- FedRAMP
- SOX ITGC
- GDPR
- CCPA/CPRA
- Other
- Not sure
How clearly is the audit scope defined for your team?
Who is the primary owner for audit responses for your team?
Which primary control framework does your area align to today?
For each domain, rate your current implementation status.
What is the level of automation for control testing in the last quarter?
When were your key policies and standards last reviewed and approved?
- Within 6 months
- 6-12 months
- 12-24 months
- Over 24 months
- Not applicable
- Not sure
What percentage of your team completed required security/compliance training in the last 12 months?
How confident are you that your team can retrieve required audit evidence within 5 business days?
Where is most audit evidence or source records stored today? Select all that apply.
- Ticketing (e.g., Jira/ServiceNow)
- GRC platform
- Shared drives (e.g., SharePoint/Drive)
- Version control (e.g., Git)
- SIEM/log platform
- HRIS
- Asset inventory/CMDB
- Email threads
- Other
On average, how long does it take to produce requested evidence after an auditor requests it?
- Same day
- 1-2 business days
- 3-5 business days
- 6-10 business days
- More than 10 business days
- Not sure
How many audit/compliance findings are currently open for your area? Please enter a whole number.
Rank the biggest blockers to audit readiness (drag to rank; top = biggest blocker).
Briefly describe the most significant audit risk for your area.
Max 600 chars
What support or enablement would help most before the next audit?
Max 600 chars
What is the target date for your next internal readiness review or dry run?
Which function best describes your role?
Approximately how many employees are in your organization?
Approximately how many people are in your team/function?
How long have you been with your current organization?
Where are you primarily located?
Attention check: To confirm you are paying attention, please select 4 on this scale.
Any other comments or context we should consider?
Max 600 chars
AI Interview: 2 Follow-up Questions on Audit Readiness
Thank you for your input—your responses help us focus our audit readiness efforts.