17 years helping Australian businesses
choose better software
AuditBoard
What Is AuditBoard?
CrossComply by AuditBoard is an award-winning security compliance solution that allows organizations to build trust and scale their security compliance program with a connected risk platform that unifies SOC 2, ISO 2700x, NIST, CMMC, PCI DSS, and more across your organization. Scaling is never easy, CrossComply allows teams to leverage automation through integrations and accelerate work, reduce redundancy, and improve visibility.
Who Uses AuditBoard?
Risk & controls management, project management, reporting, data visualization, risk assessment, evidence collection, issue remediation, workflow management, policy management, certifications and more.
Not sure about AuditBoard?
Compare with a popular alternative
AuditBoard
Reviews of AuditBoard
Alternatives Considered:
The Go To for Internal Audit Management
Comments: No Internal Audit Management System is perfect but AuditBoard is one of the two best players in the market.
Pros:
Ease of use, continual updates, focus on Internal Audit.
Cons:
Implementation process, workstream module.
Alternatives Considered:
AuditBoard is the premier tool for connected risk and audit management.
Comments: Overall, my experience with AuditBoard has been highly positive in the two years that I have been a user and administrator. AuditBoard users are highly resourced with the Help Center as well as AuditBoard Academy.
Pros:
The AuditBoard platform is highly customizable, which allows our team to tailor the data captured, and thus reportable, in our operational audits and ICFR. In addition, the ability to define multiple issue types and define relevant fields for each type provides for enhanced enterprise reporting and drives consistency.
Cons:
Not having the ability to do basic formatting in free text fields is a drawback (bullets, bold, italics, etc.)
Auditboard Works Great for Daily processes.
Comments: I have been involved with this tool, since we first started testing, and was instrumental (from an IT perspective) in getting this implemented into our company. I have also been working with the daily support team to be sure they have the tools they need to be successful. I feel like I have a fairly good understanding of the architecture and the support model for the product and company.
Pros:
The daily working process for audit management is very good. Depending on how the application is configured, you can add different users for different purposes and allow them to see a variety of things. Historical data is fairly easy to capture in dashboards and can be rendered in a variety of ways. Issues are in a separate module, which makes them easy to find and review or reuse as needed.
Cons:
No global search function for topics, documents, etc. Text editing within the work steps is very limited. Additional functionality for bold text, bullets, etc. would be helpful. Recently, it's been a bit buggy as some functionality has broken as a result of updates, which has caused us some minor pain.
Alternatives Considered:
AuditBoard - Audit
Comments: Positive. When I have challenges, they're very quick to help
Pros:
User friendly, great visually, customizable, good support. Great for audit.
Cons:
Still some small limitations but the platform is aware and continues to roll out updates.
AuditBoard is a great tool for our Company
Comments: Our company experience has been good. If we were to implement again, I would take more time in setting everything up initially.
Pros:
Ease of use, multiple resources for self support and access to customer success.
Cons:
The thing I like the least is the control UID naming. The process/subprocess do not add value to the UID but make is long and complicated to remember.
Alternatives Considered:
A happy long term customer
Comments: Overall very happy with the product and how it has helped my team gain efficiencies managing our audit workloads.
Pros:
It makes day to day auditing a lot more streamlined. I also like the interconnectivity between modules.
Cons:
The price has come up substantially, and lately more and more self service is being pushed over former white glove help.
AuditBoard User Review
Comments: I've used it for about a year. I feel there is still a lot to learn
Pros:
The integrated modules. I like that you can set up controls in 1 place and they can be used by the other modules/users.
Cons:
The product is not easily customizable. For example, the policy module cannot be customized to allow the workflow for reviewers to be sequential.
AuditBoard
Comments: Good tool, easy to use, opportunities to enhance data integration and reporting and improve data access governance/administration
Pros:
SOX Hub workflow including interface with control owners for documentation and evidence collection; AuditBoard Sync for real time editing of workpapers within the system
Cons:
lack of segregated user access at admin level when managing multiple types of activities within one instance; for instance, not being able to restrict access to internal audit workpapers from other admins unless you have IA be the admin for the entire platform
Alternatives Considered:
Good Solutions
Comments: Largely positive. Great upgrade to our historical approach of a shared drive to house audit documentation.
Pros:
Lots of solutions for common problems. The help function is very useful as a jumping off point to figure out how to do what I need.
Cons:
Some struggles with evolving with changes. We are long time customers and sometime feel behind the ball catching up.
Success with AuditBoard
Comments: Overall, AuditBoard has been beneficial to our organization.
Pros:
We like the customization and ease-of-use of the product
Cons:
The customer support could be better. The CSMs don't know the technicalities that the Help Desk employees know.
Alternatives Considered:
AuditBoard is the #1 GRC Tool
Comments: Overall, its going great. Its streamlining operations at the company and setting us up for future growth.
Pros:
Automation capability, Custom ABI Dasboards for monitoring, single source of truth for process documentation. Accountability and ownership of the controls.
Cons:
Slow response time to fix issues and/or make minor enhancements to the product. Have to submit ideas to the "community" is the standard response when pointing out issues.
Alternatives Considered:
New User Journey
Comments: Overall my experience has been positive. I used AuditBoard at my last company and was an advocate for implementing AuditBoard at my current company that managed the SOX program in Google Sheets. AuditBoard helps limit administrative tasks, assist with version control issues and influence control owners to take ownership of their RCM.
Pros:
Onboarding stakeholders and control owners to AuditBoard is streamlined since the UI is user friendly. Users outside of the IA team are able to quickly navigate to the RCM, PBC and certification page.
Cons:
The complicated backend process to link new IPE records to controls.
Alternatives Considered:
A great tool!
Comments: A great onboarding experience and quick user adoption. Feature rollout is rapid and great.
Pros:
The end user interface is easy to use and intuitive.
Cons:
Some of the feature consistency is different across the different modules where it seems like it should be standard.
Go for the best
Comments: Great, best software that I have used over my career.
Pros:
Easy to use, stakeholders get the software. Its intuitive.
Cons:
Sometimes have issues with data refreshing for dashboarding, but support is generally quick to resolve.
Alternatives Considered:
Great partner!
Comments: It's been a good partnership to help us deploy our IA and risk objectives and initiatives
Pros:
The easiness to connect risk to controls to applications all in one platform.
Cons:
The dashboards require a lot of customization to get the views you want. Wish there were more standard/best practice dashboards
Alternatives Considered:
Modern day GRC platform
Pros:
Ease of use, innovation roadmap, customer service, agility
Cons:
Need for more integrations and connectors to other systems
AuditBoard Review
Comments: Overall, I really like AuditBoard. I have people on my team who have come from other platforms who agree, and those who wish AB would do things the way their old platform did, but I generally like the product. It has made auditing much more organized and streamlined.
Pros:
Before AuditBoard, we worked on SharePoint, Excel, and several other platforms to get through an audit, and even then it was a manual process to review and plan for the next year. Now AuditBoard makes everything in the process, from planning to remediation, much easier.
Cons:
I've used AB for more than 4 years now and lately it has felt that the focus has moved away from improving its core products in order to build out the ecosystem. There are a bunch of small quirks in its core products, like SOXhub. When I've brought these items to the attention to the helpdesk and consultants, the response is always "suggest it as an idea in the community". This used to be a viable solution, but now I've had ideas out there for more than a year with dozens of "Kudos" (read: "likes") and comments from other users. Even AB staff have commented on a few saying that they've shared the idea and nothing ever happens. There used to be QOL updates at least monthly and now it seems like the community is largely ignored. It might just be my feeling though.
AuditBoard
Comments: Overall experience is great. SOX Hub and Risk Oversight have been great tools. As a IA department we just added Ops Audit and Cross comply.
Pros:
SOX Hub allows you to manage SOX Compliance program with ease. From submitting your documentation request to reporting on audit issue is easy to manage each year. Risk Oversight is a great tool to collect risk rating from risk owners and report on the results via Heatmap. Risk Oversight also allows you to track the status mitigation plans for each risk.
Cons:
The tick and tie feature to audit support is lacking. We are considering data Snipper which is a more powerful tool for auditors linking support to each test attribute.]
Very useful platform
Comments: AuditBoard has definitely helped us improve our cybersecurity risk management practices, and we intend to use it a lot more to continue to improve.
Pros:
I like that it has APIs that allow me to build automations that may not be natively available in the platform. These automations are becoming more and more important in our work.
Cons:
1. The APIs are very poorly documented, and require too much "figuring out" and "guessing" 2. A lot of AuditBoard competitors seem to be moving in the direction of using integrations to collect information that addresses the requirements of compliance frameworks directly. It would be great for AuditBoard to check out that possibility, or evaluate the need among customers.
Selecting the Perfect Audit Solution Partner
Comments: While selecting the product, I had a great experience with Sales Team ([sensitive content hidden]) was an outstanding representative, who understood my needs but most importantly, set my expectations correctly. I would select AuditBoard again!
Pros:
AuditBoard is a robust platform, which follows a well-thought methodology but it is flexible and adaptable at the same time. It meets my requirements.
Cons:
The implementation process was complex but we made it through. It was performed by a third party (RSM), who was outstanding. However, it took us a while to complete the project.
A GRC Tool Designed for Cross-Compliance Functionality
Comments: Overall, my experience using AuditBoard as an administrator and end user has been very good.
Pros:
A GRC devoted to integrating features and functionality across compliance functions.
Cons:
Some new features/modules could use broader customer beta testing to ensure more feedback is received from core customers.
Great Audit Tool
Pros:
I've been using Auditboard for the past 7 years, and it's been a great tool for SOX Compliance. We have established a great relationship with Auditboard, and have always gotten great support from them. With Auditboard, users are able to access documentation with ease. The user interface is extremely user friendly, and easy to navigate.
Cons:
Narrative integration is great, however, the initial linking is a bit painful and time consuming to do.
I recommend AuditBoard to manage your GRC Program.
Comments: Very good experience. I hope I can continue using AuditBoar to manage our GRC Program.
Pros:
Very easy to implement and manage the Compliance program. CrossComply module is excelent, giving us the ability to manage frameworks, policies and also collect evidence for audits. The auditboard academy is impressive.
Cons:
Sometime it seems hard to find the specific field you want to edit, due to the number of fields avaliable for configuration.
Great for audit repository and user access reviews
Comments: 10/10 with the product and customer service.
Pros:
I like how easy it is to organize and maintain controls, test results, workpapers, and recall the evidence that was requested and submitted for each control. I also like how easy it is to create workflows for user access reviews.
Cons:
I don't like that you cannot create sub workflows that are triggered based on the responses of the main workflow.
Ease of use
Comments: Very easy to use and our support is awesome!
Pros:
I enjoy the ease of learning and teaching the product. I also like the ease of creating a report and new tools like visualizations and dashboarding.
Cons:
Limitations on reporting/dashboarding based on preexisting fields