v1.0.0-beta โ Initial Platform Release
ยท 4 ุฏูุงุฆู ูุฑุงุกุฉ
๐ The first public beta of AIIA โ the AI-enabled internal audit platform. This release delivers the complete audit lifecycle with 14 integrated modules, AI governance, and Saudi regulatory compliance.
Release Highlightsโ
๐๏ธ Full Audit Lifecycleโ
AIIA v1.0.0-beta delivers the complete internal audit lifecycle โ from universe management and annual planning through fieldwork execution, reporting, and continuous monitoring.
14 Integrated Modules:
| Module | Status | Description |
|---|---|---|
| Audit Universe & Library | โ GA | Centralized auditable entity registry with risks and controls |
| Annual Planning & Resources | โ GA | Risk-based planning with AI-assisted prioritization |
| Engagements | โ GA | Full lifecycle engagement management |
| Fieldwork | โ GA | Workpapers, testing, evidence, AI writing assistant |
| Sampling | โ GA | Statistical and judgmental sampling |
| Client Portal (PBC) | โ GA | External evidence collection portal |
| Findings & Remediation | โ GA | CCCER-based findings with action tracking |
| Reporting & Board Packs | โ GA | AI-assisted report generation and PDF export |
| Dashboards & Analytics | โ GA | AI Governance Hub, custom builder, data agent |
| Continuous Monitoring & KRI | โ GA | KRI playground, AI wizard, real-time alerts |
| Quality Assurance | โ GA | Engagement and program-level QA reviews |
| Questionnaires | โ GA | Dynamic forms with conditional logic and scoring |
| Compliance Frameworks | โ GA | NCA ECC, PDPL, CSCC, ISO 27001, COSO |
| Integrations & APIs | โ GA | REST API, webhooks, pre-built connectors |
๐ค AI Layer (Cross-Cutting)โ
AIIA embeds AI throughout the audit lifecycle with full governance:
AI Capabilities:
- AI Companion โ Conversational assistant for all modules
- Evidence Summarization โ Auto-summarize uploaded documents
- Narrative Drafting โ Draft workpaper conclusions and report narratives
- Historical Retrieval (RAG) โ Search past audits with citations
- AI Diff Review โ Intelligent version comparison
- Data Agent โ Natural language queries against audit data
- Document Intelligence โ Upload and analyze documents
- Agentic AI โ Multi-step autonomous tasks with human approval
- KRI Wizard โ AI-guided Key Risk Indicator creation
- Risk/Control Suggestion โ AI recommends based on industry data
- Recurring Finding Detection โ Pattern recognition across engagements
AI Governance:
- All AI outputs are suggestions only โ human approval required
- RBAC-constrained โ AI respects user permissions
- Fully audited โ every AI interaction logged
- Citations required โ source references for all outputs
- Confidence scoring โ transparency on AI certainty
Multi-Provider Support:
| Provider | Type | Key |
|---|---|---|
| Ollama | Local (on-prem) | No |
| Gemini | Cloud | Yes |
| OpenAI | Cloud | Yes |
| Anthropic | Cloud | Yes |
| DeepSeek | Cloud | Yes |
| Custom | Any | Yes |
๐ธ๐ฆ Saudi Regulatory Complianceโ
Built for Saudi enterprises and Vision 2030:
- NCA ECC โ National Cybersecurity Authority Essential Controls (pre-loaded)
- PDPL โ Personal Data Protection Law compliance
- CSCC โ Cloud Security Compliance Certification
- SAMA CSF โ Saudi Monetary Authority Cyber Security Framework
- Full Arabic/RTL support โ complete bilingual interface (EN/AR)
๐ Security & Governanceโ
- RBAC + SoD โ Role-based access at API and UI levels
- Immutable audit trail โ every CUD operation logged
- Evidence chain-of-custody โ SHA-256 hash, virus scan, uploader tracking
- API key encryption โ AES-256-GCM encryption at rest
- Multi-tenancy โ full data isolation between organizations
- SaaS + On-Prem โ deployable in both modes
๐ Dashboardsโ
- AI Governance Hub โ 360ยฐ audit program dashboard
- Executive Dashboard โ Board-ready portfolio view
- Custom Dashboard Builder โ Drag-and-drop widget configuration
- Data Agent โ Natural language data queries with chart generation
- Portfolio Analytics โ Cross-engagement trend analysis
Technical Stackโ
| Component | Technology |
|---|---|
| Backend | Python 3.11+ / FastAPI / SQLModel |
| Frontend | TypeScript / Next.js 14 (App Router) |
| Database | PostgreSQL 16 + pgvector |
| Storage | MinIO (S3-compatible) |
| Identity | Keycloak (SSO/OIDC/SAML) |
| AI | LangChain + multi-provider LLM |
| Cache | Redis |
| Observability | OpenTelemetry โ Prometheus โ Grafana |
| Deployment | Docker Compose / Helm |
Known Issuesโ
| Issue | Workaround | Status |
|---|---|---|
| Dashboard custom widgets may not persist layout on Safari | Use Chrome/Edge | Investigating |
| Arabic RTL in PDF export may have alignment issues on complex tables | Use simple table layouts | In Progress |
| Keycloak session timeout may not redirect cleanly | Refresh the page to re-authenticate | Fix planned for v1.0.1 |
Upgrade Notesโ
This is the initial release โ no upgrade path needed. For fresh installation, see the Deployment Guide.
What's Nextโ
v1.1.0 (Planned โ Q3 2026):
- Mobile responsive enhancements
- Bulk finding operations
- Enhanced PDF export with custom templates
- Workflow automation rules
- Additional compliance frameworks (SOX, GDPR)
- Performance optimizations for large datasets