Audit Cycles
Organize audits into annual or quarterly cycles for structured planning and execution
An Audit Cycle is a time-bound period within an audit program that organizes audit activities. Cycles are typically annual or quarterly and contain one or more audit instances that execute specific audits.
Time-Bound Organization
Cycles organize audits by time periods (e.g., Q1 2026, Annual 2026) for better planning and tracking.
Multiple Instances
Each cycle can contain multiple audit instances, allowing you to run different audits within the same period.
Cycle Structure
Cycles provide structure for organizing multiple audit instances within a program. They help with scheduling, resource allocation, and progress tracking.
Creating an Audit Cycle
Navigate to Program
Go to Audit Management → Programs → Select a program → Click "Create Cycle".
Fill in Cycle Details
Enter the following information:
- Name: Descriptive name (e.g., "Q1 2026 Internal Audit")
- Description: What this cycle will cover
- Start Date: When the cycle begins
- End Date: When the cycle ends
- Status: Planning, In Progress, Review, Completed, or Cancelled
Set Timeline
Set appropriate start and end dates. Common cycle durations:
- Quarterly: 3 months
- Semi-Annual: 6 months
- Annual: 12 months
Save Cycle
Review all information and click "Save" to create the audit cycle. You can now create audit instances within this cycle.
Cycle Fields Explained
Name
Descriptive name that identifies the cycle (e.g., "Q1 2026 Internal Audit" or "Annual 2026 Audit").
Description
Detailed description of what this cycle will cover and its objectives.
Start Date
When the cycle begins. Used for planning and scheduling audit instances.
End Date
When the cycle ends. All instances within the cycle should complete by this date.
Cycle status options:
- • Planning: Cycle is being planned
- • In Progress: Cycle is active with instances running
- • Review: Cycle is under review
- • Completed: All instances in cycle are finished
- • Cancelled: Cycle was cancelled
Cycles are automatically linked to their parent audit program. This relationship cannot be changed after creation.
Common Cycle Patterns
Organize audits into quarterly periods:
- • Q1: Jan - Mar
- • Q2: Apr - Jun
- • Q3: Jul - Sep
- • Q4: Oct - Dec
Best for: Regular, frequent audits with different focus areas each quarter.
Organize audits into half-year periods:
- • H1: Jan - Jun
- • H2: Jul - Dec
Best for: Comprehensive audits that require more time for execution.
Organize audits into annual periods:
- • Annual: Jan - Dec
Best for: Comprehensive annual audits or certification cycles.
Example Cycle
Cycle Details
Name: Q1 2026 Internal Audit
Program: 2026 ISO 27001 Compliance Program
Status: In Progress
Duration: January 1 - March 31, 2026
Audit Instances
• IT Access Controls Audit (Jan 15 - Feb 15)
• Network Security Audit (Feb 1 - Mar 1)
• Data Protection Audit (Feb 15 - Mar 15)
Cycle Lifecycle
Planning
Create cycle, define timeline, and plan which audit instances will be executed.
In Progress
Cycle is active. Create and execute audit instances. Monitor progress across all instances.
Review
Review cycle progress, aggregate findings from all instances, and assess overall status.
Completed
All instances completed, reports generated, cycle closed. Ready for next cycle.
Best Practices
Use consistent naming conventions (e.g., "Q1 2026", "Annual 2026") to make cycles easy to identify and track.
Set cycle dates that allow sufficient time for all planned instances to complete, including review and reporting.
Plan which audit instances will run in each cycle to ensure comprehensive coverage and avoid conflicts.
Regularly review cycle status and instance progress to identify delays or issues early.