Grigory Emelianov Good idea! We are currently doing that in the Risk Register (using comment section for Root Cause Analysis and Treatment Tasks of course) as well as in our own MS Planner to keep everyone up2date. I think that would be important enough to have it's own page instead of being part of a different section, but just my opinion :)

Awesome! thanks for the prompt feedback! We are planning a new quarter and could review this.

Usually, auditors expect auditees to add their findings as risks, you are doing it well! But I also understand it would give you some closure to close them individually ;)

At the moment there is no audit-related page on Secfix, but maybe it could become a part of something bigger for all-things audit :)

I think this would be a great enhancement for all parties using the Secfix platform.

Users can have a trackin module where they can make root cause analysis, correction and corrective action definitions of nonconformities that arise as a result of the audit. (CAP - Corrective Action Process)

NCN closure evidence should also be added to this field.

This way, auditors can also verify audit findings before the audit each year.

@Alper: Sounds good for me as well!

Grigory Emelianov Nothing to add to Alpers suggestion. Currently we are tracking our findings in Notion, which allows everyone to see what happened and link treatment tasks and responsibilities.