← Back to home

Open source · active development

AuditFlow

A lightweight framework for structured, traceable, and reproducible internal audit work.

Open GitHub
01

The problem

Audit work is often scattered across spreadsheets, documents, emails, screenshots, and slide decks. The final conclusion may be correct, but the reasoning behind it gradually disappears and updating calculations becomes expensive.

02

AuditFlow Philosophy

Time is the most valuable resource. Therefore:

  • no work for the sake of work
  • auditors must think before starting tests
  • work should be easy to understand and trace, avoiding time wasted on clarification
  • decisions and conclusions should be data-based, and analysis should be simple and fast: an error is fixed in a script in 5 minutes, not in Excel in 3 hours
  • mechanical work should be minimized
03

Traceability chain

Risk → Control → Test → Evidence → Result → Observation → Action → Report
04

How it works

AuditFlow keeps structured decisions in YAML, audit narratives and workpapers in Markdown/Quarto, raw evidence unchanged, and generated outputs separate from source evidence.

05

Current limitations

  • it is not a complete corporate internal audit methodology
  • basic Python practice is required to get the most from it
  • deeper methodology validation is still evolving
  • automated LLM integration is not finished
  • confidential data should not be sent to an external model without a separate risk assessment