MVP 03In active development
Audit Evidence Automation Hub
Connect once, collect forever — pulls audit evidence on a schedule from the systems you already use, hashes it, and files it against the control it proves.
The pain
Every audit (financial, SOC 2, ISO surveillance, FAR/DFARS, single audit) becomes a 6-week fire drill of pulling screenshots and exports from a dozen systems. Evidence is stale before it is collected.
What gets built
- Connector framework: Google Workspace, Microsoft 365, GitHub, AWS/Azure, Okta, Slack, JIRA, NetSuite, QuickBooks
- Evidence requests defined as YAML: "Pull MFA status report from Okta weekly, hash, store, tag with control AC-2"
- Time-series evidence vault: every snapshot kept, never overwritten, content-hashed
- Control-to-evidence mapping (works against any framework: NIST 800-171, ISO 27001, SOC 2, FAR Part 4)
- Auditor portal: read-only access for external auditors with watermarked downloads
- Anomaly alerts: evidence drift, missing collections, control breakage
Stack
- Python + FastAPI + uv
- SQLAlchemy 2 + PostgreSQL
- MinIO with object lock
- httpx connectors
Pricing
$15K setup + $1,500–$4,000/mo per client based on connector count
Effort to ship
5–6 weeks for v1 with 5 core connectors
Audit Evidence Automation Hub demo is on the roadmap
Want a guided walk-through of what this tool will do, or to be the first pilot client when it ships?
Get in touch