v1.0.0-beta β Initial Platform Release
Β· 4 min read
π The first public beta of AIIA β the AI-enabled internal audit platform. This release delivers the complete audit lifecycle with 14 integrated modules, AI governance, and Saudi regulatory compliance.
Release Highlightsβ
ποΈ Full Audit Lifecycleβ
AIIA v1.0.0-beta delivers the complete internal audit lifecycle β from universe management and annual planning through fieldwork execution, reporting, and continuous monitoring.
14 Integrated Modules:
| Module | Status | Description |
|---|---|---|
| Audit Universe & Library | β GA | Centralized auditable entity registry with risks and controls |
| Annual Planning & Resources | β GA | Risk-based planning with AI-assisted prioritization |
| Engagements | β GA | Full lifecycle engagement management |
| Fieldwork | β GA | Workpapers, testing, evidence, AI writing assistant |
| Sampling | β GA | Statistical and judgmental sampling |
| Client Portal (PBC) | β GA | External evidence collection portal |
| Findings & Remediation | β GA | CCCER-based findings with action tracking |
| Reporting & Board Packs | β GA | AI-assisted report generation and PDF export |
| Dashboards & Analytics | β GA | AI Governance Hub, custom builder, data agent |
| Continuous Monitoring & KRI | β GA | KRI playground, AI wizard, real-time alerts |
| Quality Assurance | β GA | Engagement and program-level QA reviews |
| Questionnaires | β GA | Dynamic forms with conditional logic and scoring |
| Compliance Frameworks | β GA | NCA ECC, PDPL, CSCC, ISO 27001, COSO |
| Integrations & APIs | β GA | REST API, webhooks, pre-built connectors |
π€ AI Layer (Cross-Cutting)β
AIIA embeds AI throughout the audit lifecycle with full governance:
AI Capabilities:
- AI Companion β Conversational assistant for all modules
- Evidence Summarization β Auto-summarize uploaded documents
- Narrative Drafting β Draft workpaper conclusions and report narratives
- Historical Retrieval (RAG) β Search past audits with citations
- AI Diff Review β Intelligent version comparison
- Data Agent β Natural language queries against audit data
- Document Intelligence β Upload and analyze documents
- Agentic AI β Multi-step autonomous tasks with human approval
- KRI Wizard β AI-guided Key Risk Indicator creation
- Risk/Control Suggestion β AI recommends based on industry data
- Recurring Finding Detection β Pattern recognition across engagements
AI Governance:
- All AI outputs are suggestions only β human approval required
- RBAC-constrained β AI respects user permissions
- Fully audited β every AI interaction logged
- Citations required β source references for all outputs
- Confidence scoring β transparency on AI certainty
Multi-Provider Support:
| Provider | Type | Key |
|---|---|---|
| Ollama | Local (on-prem) | No |
| Gemini | Cloud | Yes |
| OpenAI | Cloud | Yes |
| Anthropic | Cloud | Yes |
| DeepSeek | Cloud | Yes |
| Custom | Any | Yes |
πΈπ¦ Saudi Regulatory Complianceβ
Built for Saudi enterprises and Vision 2030:
- NCA ECC β National Cybersecurity Authority Essential Controls (pre-loaded)
- PDPL β Personal Data Protection Law compliance
- CSCC β Cloud Security Compliance Certification
- SAMA CSF β Saudi Monetary Authority Cyber Security Framework
- Full Arabic/RTL support β complete bilingual interface (EN/AR)
π Security & Governanceβ
- RBAC + SoD β Role-based access at API and UI levels
- Immutable audit trail β every CUD operation logged
- Evidence chain-of-custody β SHA-256 hash, virus scan, uploader tracking
- API key encryption β AES-256-GCM encryption at rest
- Multi-tenancy β full data isolation between organizations
- SaaS + On-Prem β deployable in both modes
π Dashboardsβ
- AI Governance Hub β 360Β° audit program dashboard
- Executive Dashboard β Board-ready portfolio view
- Custom Dashboard Builder β Drag-and-drop widget configuration
- Data Agent β Natural language data queries with chart generation
- Portfolio Analytics β Cross-engagement trend analysis
Technical Stackβ
| Component | Technology |
|---|---|
| Backend | Python 3.11+ / FastAPI / SQLModel |
| Frontend | TypeScript / Next.js 14 (App Router) |
| Database | PostgreSQL 16 + pgvector |
| Storage | MinIO (S3-compatible) |
| Identity | Keycloak (SSO/OIDC/SAML) |
| AI | LangChain + multi-provider LLM |
| Cache | Redis |
| Observability | OpenTelemetry β Prometheus β Grafana |
| Deployment | Docker Compose / Helm |
Known Issuesβ
| Issue | Workaround | Status |
|---|---|---|
| Dashboard custom widgets may not persist layout on Safari | Use Chrome/Edge | Investigating |
| Arabic RTL in PDF export may have alignment issues on complex tables | Use simple table layouts | In Progress |
| Keycloak session timeout may not redirect cleanly | Refresh the page to re-authenticate | Fix planned for v1.0.1 |
Upgrade Notesβ
This is the initial release β no upgrade path needed. For fresh installation, see the Deployment Guide.
What's Nextβ
v1.1.0 (Planned β Q3 2026):
- Mobile responsive enhancements
- Bulk finding operations
- Enhanced PDF export with custom templates
- Workflow automation rules
- Additional compliance frameworks (SOX, GDPR)
- Performance optimizations for large datasets