Frequently Asked Questions

What standards frameworks does AuditX+ support?

AuditX+ currently supports SOC 2 (Type I and II), PCI DSS, ISO 27001, NIST 800-53, NIST CSF, IT General Controls (IT SOX, SOC 1), and FedRAMP. The platform is designed to support a broad range of standards frameworks including HIPAA, GDPR, CCPA, HITRUST, etc.

 

What cloud providers does AuditX+ support?

Customers use AuditX+ across IT environments in AWS, Azure, GCP, and in-house/on-premises hybrid environments.

 

How much does AuditX+ cost? How is it priced?

AuditX+ is an annual software subscription priced based on the number of number of audits the product will be used for each year. Single and multi-year subscriptions.

 

How does AuditX+ work with existing GRC tools I am already using?

AuditX+ is designed to complement existing GRC tools you may be using. Customers use AuditX+ as the single system of record for enterprise compliance data to automate compliance across multiple frameworks, audits, and clouds. AuditX+ is purpose-built for audit preparation, evidence collection, and readiness and sits alongside broader GRC tools that have many other modules/functions – and sometimes basic project management workflow capabilities in audit area.

 

What other SaaS systems integrate with AuditX+ (e.g., Jira, ticketing systems, etc)?

The AuditX+ SaaS platform provides simple agentless integration with many other SaaS systems, including Jira, Splunk, Datadog, Okta, GitHub, GitLab, Google Workspace, CloudFlare, Tenable, etc. Simply connect your existing accounts with read-only privileges.

 

What is the process for onboarding and how long does it take?

The process of provisioning your secure AuditX+ account and onboarding your administrators/users can be done in an hour– in stark contrast to many of the legacy solutions in the broader GRC space that often take months.

 

Can I see my previous audits and evidence in AuditX+?

Yes, you can view evidence collected and associated descriptions during prior compliance audits within AuditX+. AuditX+ also crosswalks evidence from one audit/framework to all other audits/frameworks. This capability enables enterprises to re-use existing evidence, enabling new audits/frameworks to be up to 80% complete upon start. A crosswalk report in AuditX+ shows evidence overlap across audits in real time.

 

How does Shujinko and AuditX work with Audit firms?

Shujinko parters with independent Audit firms of all sizes. We maintain close partnerships with a wide range of audit firms and always where we share a common customer that is using AuditX+ for compliance automation and the independent audit firm for audit review/certification.

 

Can I import custom controls and/or modify existing control language that is built into AuditX+?

Yes.

 

Prior to AuditX+, what were most of your customers using for audit preparation, evidence collection, and audit readiness?

By far, the most common methods include the use of shared spreadsheets, shared documents, shared drives, e-mail and attachments, scripts, and Slack/Teams. Manual approaches are still being used 95%+ of the time.

AuditX currently supports SOC 2 (Type I and II) and PCI DSS. The platform is designed to support a broad range of standards frameworks including NIST CSF, ISO 27001, HITRUST, HIPAA, FedRAMP, GDPR, CCPA, etc.

Customers use AuditX across IT environments in AWS, Azure, GCP, and in-house/on-premises.

AuditX is an annual software subscription priced based on the number of standards and number of audits the product will be used for. Single and multi-year subscriptions.

AuditX is designed to be a complement to any existing GRC tools you may be using. Customers use AuditX for audit preparation, evidence collection, and readiness alongside broader GRC tools that often have many other modules/functions.

The AuditX SaaS platform is designed for easy API integration with other SaaS systems in use. Integrations are a top priority on our product roadmap.

The process of provisioning your secure AuditX account and onboarding your administrators/users can be done in a couple of hours – in stark contrast to many of the legacy solutions in the broader GRC space.

AuditX currently provides best practices descriptions and examples for evidence collection requirements associated with each control. Adding the capability to view evidence collected during prior audits within AuditX is on our product roadmap.

Shujinko views Audit firms as trusted partners. We maintain close partnerships with a wide range of audit firms and always where we share a common customer that is using AuditX for audit preparation and readiness and the independent audit firm for review/certification.

By far, the most common methods include the use of shared spreadsheets, shared documents, e-mail and attachments, scripts and SFTP, point solutions, and occasionally a legacy GRC tool.

Automate Audit Preparation

Get ahead of your upcoming audit deadlines and compliance initiatives. Ditch the shared spreadsheets, back and forth email, and unclear evidence requests. Start working with Shujinko’s AuditX tool to simplify, automate, and modernize audit preparation for your cloud-first enterprise.