Skip to main content
The Audit module lets you record findings identified during internal audits and monitor their status through a two-panel layout: a finding entry form on the left and a live findings tracker on the right.
ISOwl’s audit workflow follows ISO 19011 — Guidelines for auditing management systems.

Finding types

Every audit finding is classified into one of four types defined by ISO 19011:

NC Mayor

Non-Conformity Major — A significant failure to meet a requirement that puts the management system or its objectives at risk.

NC Menor

Non-Conformity Minor — A limited or isolated failure to meet a requirement that does not undermine the system as a whole.

Observación

Observation — A situation that, while not yet non-conforming, could deteriorate and become a non-conformity if left unaddressed.

OFI

Opportunity for Improvement — A positive suggestion to enhance effectiveness, even though no requirement is violated.

Logging a new finding

1

Open the Audit module

Navigate to Audit in the left sidebar. The two-column layout loads with the entry form on the left.
2

Fill in the finding details

Complete the form fields:
FieldDescription
IDAuto-generated identifier (e.g., NC001)
TypeSelect NC Mayor, NC Menor, Observación, or OFI
DateDate the finding was identified (YYYY-MM-DD)
Additional fieldsDescription, auditor name, clause reference, and any other contextual information
3

Submit the finding

Click Add Finding. The entry appears immediately in the Findings Tracker table on the right with status set to Abierto (Open).

Findings tracker table

The tracker on the right side of the screen displays all logged findings with the following columns:
  • ID — Unique finding reference
  • Type — NC Mayor, NC Menor, Observación, or OFI
  • Date — Date identified
  • Status — Current state of the finding (Abierto)
Use the Corrective Action Plan (PAC) module to track remediation progress for findings that require corrective actions. See the Findings & Corrective Actions page.

Audit finding lifecycle

Relationship with other modules

Corrective Action Plan

Promote audit findings into the PAC tracker to assign owners, set due dates, and monitor remediation progress.

Security Metrics

Audit findings feed into the KPIs for closure rate and overdue findings on the Security Metrics dashboard.

Frequently asked questions

Audit findings logged here are immutable records. To update the remediation status or assign corrective actions, use the Findings & Corrective Actions module.
The Audit module is a log for findings identified during formal internal audits. The Findings module (PAC) is the corrective action tracking system where you assign owners, due dates, and progress to each finding that requires remediation.
IDs are auto-generated sequentially (e.g., NC001, NC002) when a finding is submitted. They cannot be changed after creation.

Build docs developers (and LLMs) love

Get started for freeTalk to us