انتقل للمحتوى الرئيسي
الإصدار: 1.0.0-beta

مرجع الحقول — عالم التدقيق

Complete documentation for every field in the Audit Universe and Library modules.

AuditUniverseItem

The core entity representing an auditable item in your organization.

FieldTypeRequiredDefaultValidationDescription
idIntegerAutoAuto-incrementUnique identifier
org_idIntegerAutoFrom sessionOrganization (tenant isolation)
nameStringMax 255 charsEntity name
typeEnumBusiness Unit, Process, Application, Regulatory Domain, Project, LocationEntity classification
descriptionTextNoMax 5,000 charsDetailed description
parent_idIntegerNonullMust reference existing itemParent entity for hierarchy
ownerStringNoMax 255 charsBusiness owner name
risk_levelEnumNonullLow, Medium, High, CriticalAggregate risk level
risk_scoreFloatAuto0.00.0–25.0Calculated from attached risks
last_audit_dateDateAutonullDate of last completed engagement
next_audit_dateDateNonullMust be future datePlanned next audit
statusEnumNoActiveActive, ArchivedCurrent status
tagsJSON ArrayNo[]Max 20 tagsCustom tags for filtering
created_atTimestampAutoCurrent timeCreation timestamp
updated_atTimestampAutoCurrent timeLast modification timestamp
created_byIntegerAutoCurrent userCreator user ID

Risk

Risk statements attached to audit universe items.

FieldTypeRequiredDefaultValidationDescription
idIntegerAutoAuto-incrementUnique identifier
org_idIntegerAutoFrom sessionOrganization
titleStringMax 500 charsRisk statement
categoryEnumStrategic, Operational, Financial, Compliance, IT, ReputationalRisk category
descriptionTextNoMax 5,000 charsDetailed risk description
likelihoodInteger1–5Probability of occurrence
impactInteger1–5Severity if it occurs
inherent_risk_scoreFloatAutoLikelihood × Impact1.0–25.0Risk score before controls
residual_risk_scoreFloatNonull0.0–25.0Risk score after controls
risk_ownerStringNoMax 255 charsAccountable person
statusEnumNoActiveActive, Archived, AcceptedCurrent status
universe_item_idIntegerMust reference existing itemParent entity
created_atTimestampAutoCurrent timeCreation timestamp
updated_atTimestampAutoCurrent timeLast modification

Control

Control activities that mitigate identified risks.

FieldTypeRequiredDefaultValidationDescription
idIntegerAutoAuto-incrementUnique identifier
org_idIntegerAutoFrom sessionOrganization
control_idStringAutoCTRL-{seq}Unique per orgHuman-readable ID
titleStringMax 500 charsControl name
descriptionTextNoMax 5,000 charsDetailed description
typeEnumPreventive, Detective, CorrectiveControl type
natureEnumManual, Automated, IT-Dependent ManualHow it operates
frequencyEnumContinuous, Daily, Weekly, Monthly, Quarterly, Annual, Ad-hocExecution frequency
ownerStringNoMax 255 charsControl operator
effectivenessEnumNoNot TestedEffective, Partially Effective, Ineffective, Not TestedCurrent rating
last_tested_dateDateAutonullDate of last test
statusEnumNoActiveActive, ArchivedCurrent status
created_atTimestampAutoCurrent timeCreation timestamp
updated_atTimestampAutoCurrent timeLast modification

RiskControlMapping

Many-to-many relationship between risks and controls.

FieldTypeRequiredDefaultValidationDescription
idIntegerAutoAuto-incrementUnique identifier
risk_idIntegerMust reference existing riskLinked risk
control_idIntegerMust reference existing controlLinked control
mapping_typeEnumNoPrimaryPrimary, SecondaryStrength of linkage
notesTextNoMax 1,000 charsMapping context

الحالة Enums

Entity الحالة

ValueDescription
ActiveCurrently in scope for audit consideration
ArchivedNo longer applicable; retained for history

Risk الحالة

ValueDescription
ActiveRisk is current and relevant
ArchivedRisk no longer applicable
AcceptedRisk accepted by management (documented acceptance)

Control Effectiveness

ValueDescription
EffectiveControl operates as designed and mitigates the risk
Partially EffectiveControl has gaps but provides some mitigation
IneffectiveControl does not adequately mitigate the risk
Not TestedControl has not been evaluated in the current period
آخر تحديث في بواسطة AIIA Engineering