$492.00 Fixed
I need help with the designing and developing an audit management portal specifically for Yubi Group, from the perspective of the auditee. We are regularly audited by various clients (banks, NBFCs, companies, etc.) on various aspects including onboarding assessment, InfoSec risk assessment, 3rd party risk assessment, vendor risk assessment, and on-site reviews. The goal of this portal is to streamline and efficiently manage these audit requirements.
Target Users:
Client Auditors: Representatives from banks, NBFCs, and other companies who are conducting audits on Yubi Group.
Yubi Group Admin: Internal Yubi Group users responsible for managing the audit process and responding to audit requests.
Yubi Group Internal Teams: Individuals within Yubi Group who are assigned specific audit tasks and responsible for providing information or documentation.
Key Features and Functionality:
Client Audit Request Submission:
Clients (e.g., banks) should be able to log in to the portal securely.
Clients should be able to initiate a new audit request, specifying the type of audit (e.g., InfoSec risk assessment, vendor risk assessment).
Clients should be able to upload their audit questionnaire or specify their requirements.
The system should store a history of all previous audit requests from each client.
Centralized Document Repository:
A dedicated section should house common documents relevant to most audits (e.g., SOC2 report, organization details, ISO certificates).
Yubi Group admins should be able to easily upload and update these documents.
These documents should be readily accessible to client auditors. Indicate which documents have been updated since the client's last visit.
Audit Response Management:
Yubi Group internal teams should be notified of new audit requests and assigned specific tasks related to responding to the questionnaire.
The portal should facilitate collaboration and communication between internal teams and the admin regarding audit responses.
The system should track the progress of each audit response, including pending queries, deadlines, and assigned personnel.
Admin Dashboard and Reporting:
The admin dashboard should provide a comprehensive overview of all ongoing audits.
It should display:
Pending audit queries.
The time elapsed since queries were raised.
The individual or team responsible for each pending query.
Any dependencies between queries.
The system should support periodic and ad-hoc reporting on audit status and performance.
Automated Alerts and Notifications:
The system should generate automated email alerts to internal teams regarding pending tasks, approaching deadlines, and overdue responses.
Admins should be able to configure the frequency and content of these alerts.
Security and Access Control:
Secure authentication and authorization mechanisms are crucial for both client and internal users.
Access control should be granular, ensuring that users only have access to relevant information and functionalities.
User Roles and Permissions:
Define specific roles for:
Client Auditors (limited access to submit requests, view documents, and track progress).
Yubi Group Admins (full access to manage audits, users, and documents).
Yubi Group Internal Teams (access to respond to assigned queries).
- Proposal: 0
- 85 days
