Using the Audit Program object, audit planners can initiate, plan, and approve audit programs for execution for a determined time period. Once the Audit Program record enters a specified state, Vault automatically creates Audit object records based on Proposed Audit record data within the Audit Program. Users can then conduct Audits and, as the Audit record moves through its lifecycle, related Proposed Audits on the Audit Program record are updated, tracking their execution.

Configuration Overview

Complete the following configuration steps to take full advantage of Audit Program Planning in your Vault:

Audit & Proposed Audit Objects

Perform the following object configuration changes on the Audit and Proposed Audit objects.

Audit & Proposed Audit Fields

In order for Vault to transfer field data from source Proposed Audit records to Audit records, you must add the field to the Proposed Audit object with an identical field Name. Object type names must also match exactly. For example, to transfer the Executive Summary (executive_summary__c) field value, a field with an identical Name value (executive_summary__c) must exist on both objects.

Ensure that the Related Audit Program and Related Proposed Audit fields on the Audit object are enabled for any Audit object types you wish to use.

Organization & Proposed Audit Fields

In order for Vault to transfer field data from source Organization records to Proposed Audit records when using the Create Proposed Audits action, you must ensure the field on the Organization and Proposed Audit objects have an identical field Name. Object type names must also match exactly.

Audit & Proposed Audit Object Types

If your processes include any custom object types in addition to External Audit and Internal Audit, you must configure those object types for both Audit and Proposed Audit objects. The Name of the object type must match exactly between the Audit and Proposed Audit object types.

Audit Program Object Page Layout

Add a related object section on your Audit Program object page layout for related unplanned Audits, allowing users to create Audit records and associate them with the Audit Program for reporting purposes. Add another related object section for Proposed Audits.

Proposed Audit Object Page Layout

Add a related object section on your Proposed Audit object page layout for related Audits. This will allow users to see the execution status of audits that are directly related to the proposed audit.

Entry Action: Create Audit Record

Determine the Proposed Audit object lifecycle state that you wish to trigger Audit record creation and add the Create Audit Record entry action. The optional field-mapping selection boxes allow you to map the Auditee, Planned Start Date, and Planned End Date standard fields to corresponding fields on the Audit record to be created. The drop-downs only display fields with the appropriate field type, for example, Organization or Date. If you leave the drop-downs blank, data for those fields will not be transferred from the Proposed Audit record to the Audit record.

User Action: Create Proposed Audits

The Create Proposed Audits user action queries your Vault for applicable Organizations and creates Proposed Audit records with pre-populated data, reducing the need for manual Proposed Audit record creation on an Audit Program. The action configuration options define the object type of the resulting Proposed Audit records. They also limit their scope by Organization state and field data criteria, including object type, state, date, and more.

First, add the Create Proposed Audits record action on the Audit Program object. When adding the action, ensure that the Available in All Lifecycle States checkbox is not selected.

Then, configure the user action on the Audit Program object lifecycle, in the lifecycle state that the Audit Program should be populated with Proposed Audits. Organization filtering options appear after you make selections in previous options, as each higher-order filter determines the lower-order filters available:

  • Proposed Audit Type: Select from any configured object type on the Proposed Audit object. The resulting Proposed Audits will have this object type.
  • Organization Type(s): Select one or more configured object types on the Organization object to limit the query to those types.
  • Required Organization Lifecycle State(s): Select one or more lifecycle states on the Organization Lifecycle for which it would be appropriate to create Proposed Audits, for example, Approved and other Approved-like states.
  • Associated Organization Date Field: Select a date field on the Organization object, for example, Next Scheduled Audit Date. When the action executes, Vault evaluates if the date on the selected Organization is between the Planned Start Date and Planned End Date on the Audit Program record. If it is, then Vault selects the record for Proposed Audit generation.
  • Allowed Lifecycle States for Duplicate Proposed Audit Creation: Select one or more states. When the action executes, Vault will not create Proposed Audits for Organizations with an existing associated Proposed Audit record unless all existing records are in one of these states. For example, you might select Complete or Canceled states to ensure that Vault still creates Proposed Audit records when the action executes, even though other Audits have been processed for this Organization previously. Conversely, selecting an In-Progress or Initiated state in this option may result in duplicating an already-active audit.
  • Included Organization Risk Classifications: Optionally, select one or more risk classifications to include in Vault’s query.

  • Optional Organization Fields: Optionally, select up to three (3) additional fields on the Organization object to filter on. You can choose from yes/no, picklist, or related object fields. When the user executes the action, Vault prompts them to select field values to match with when creating Proposed Audits.

Audit Program & Audit Object Lifecycles

Using the Change State of Related Record entry action within the Audit Program and Audit object lifecycles, you can ensure that Proposed Audit records move through their lifecycle:

  • Add a Change State of Related Record entry action on the in-execution Audit Program object lifecycle state to change the state of related Proposed Audits to the triggering state for the Create Audit Record entry action.
  • Add the Change State of Related Record entry action on states in the Audit object lifecycle to change the state of related Proposed Audits, ensuring that the Proposed Audit records move along their lifecycle in parallel with their related Audits.

Audit Program & Proposed Audit Workflow Configuration

If you want to include a review and approval workflow as part of your Audit Program Planning process, you must create and configure one per your processes.

Additionally, if you also want to manage the review and approval process on a Proposed Audit record, you can configure a separate workflow. This may be useful in situations where you want to include an additional proposed audit in your Audit Program after it has already been approved. Alternatively, you can create an Unplanned Audit record from the Audit Program record detail page if you do not want to manage a separate review and approval process for Proposed Audits.

Quality Teams for Proposed Audits

While you can create custom user fields to define roles, it is recommended that you configure Quality Teams to define role assignments. This will allow those users to be propagated to the corresponding Quality Team role when Audits are created from Proposed Audits.