What first steps should I take towards working with the audit management?

Once you have implemented a management system you can start working with the audit management module via the following steps.

1. Acquire the license for the audit management add-on, feel free to contact office@togethersecure.at for this.
2. Activate the audit management add-on using the checkbox under Administration > Management systems.
3. Distribute the expert, professional, and/or observer role for "AM" under Administration > User roles.

You can enter audit information for every organizational unit under Administration > Organizational units. For this, open the OU with a double click and switch to the last tab "Audit information". Record the respective OU's number of employees as well as their local management representative. This does not need to be the same person as the responsible. Decide here, whether the organizational unit should be suggested for auditing in every audit program. This influences the OU's availability when planning with the audit calendar. Lastly, you can add any certifications of the OU with the "plus" button. This data is of a purely informational nature.

Under Audit management > Settings you can configure the audit management module for the current management system. The central management representative added here is automatically filled in as the creator for new audit programs.

• Activate determination type for reviews

If this checkbox is activated, the selection of determination types in addition to an answer is enabled for review questions.

• internal audit required before external audit

Activating this checkbox makes it so external audits that are not preceded by a preparatory internal audit are highlighted.

• Activate function assignment for reviews

Activating this checkbox makes functions recordable in the review details.

Create and manage the external auditors for all management systems with an activated audit management module here. These are auditors that execute external audits as lead auditors. As they do not have access to HITGuard, they require the company of an internal auditor with HITGuard access for reviews.

Create and manage the audit clusters for the current management system here. Audit clusters are used to group sites (organizational units) that are, for example, in close regional proximity or part of the same division. In the course of audits, usually several sites are audited. Audit clusters make it possible to group these sites together.

If you have activated the function assignment for reviews under Audit management > Settings, you can create and manage the functions for the current management system here. Using functions it's possible to further specify the context of a review. In addition to the interview partner, a function can be chosen if review objects are assessed from a task-specific point of view. An example would be the questioning of an interview partner specifically from their perspective in the role of team lead or risk owner.

Under Audit management > Settings you can create and manage the topic collections in the tab "Topic collections" for the current management system. A topic collection is a collection of review objects (topics) from one or more knowledge bases, that are often asked together in reviews or audits and should therefore be able to be added together more easily.