Audit Workflow Examples
Manage audit workflows with the SDK.
Create Audit with Findings
typescript
import { DeIterateClient } from '@deiterate/sdk';
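// The API key is read from the environment so it never lands in source control.
// Fail fast when it is missing: a non-null assertion (`!`) only silences the type
// checker and would hand `undefined` to the client at runtime. The error names the
// variable, never its value.
const apiKey = process.env.DEITERATE_API_KEY;
if (!apiKey) {
  throw new Error('DEITERATE_API_KEY is not set');
}

const client = new DeIterateClient({
  apiKey,
  // Passed through as-is; this is undefined when DEITERATE_ORG_ID is unset.
  organizationId: process.env.DEITERATE_ORG_ID,
});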
/**
 * Creates a scheduled internal audit and attaches two sample findings to it.
 *
 * The audit is created first, then each finding is submitted one at a time
 * against the new audit's id. Nothing here rolls back on error, so a failure
 * part-way through propagates to the caller after the earlier calls have
 * already been made.
 *
 * @returns The audit object returned by `client.audits.create`.
 */
async function createAuditWithFindings() {
  // Sample findings; built up front because they do not depend on the audit.
  const findingDrafts = [
    {
      title: 'Missing Access Reviews',
      description: 'Quarterly access reviews not performed for privileged accounts',
      severity: 'high' as const,
      control: 'A.9.2.5',
      dueDate: '2025-03-15',
    },
    {
      title: 'Weak Password Policy',
      description: 'Password policy does not meet minimum complexity requirements',
      severity: 'medium' as const,
      control: 'A.9.4.3',
      dueDate: '2025-03-01',
    },
  ];

  // Create the audit that the findings will hang off.
  const audit = await client.audits.create({
    type: 'Internal Audit',
    scope: 'Access Control Processes',
    owners: ['compliance@company.com'],
    auditor: 'internal-audit@company.com',
    scheduledDate: '2025-02-15',
    status: 'scheduled',
    notes: 'Q1 Access Control Review',
  });
  console.log(`Created audit: ${audit.id}\n`);

  // Submit the findings sequentially so the log lines follow the array order.
  for (const draft of findingDrafts) {
    const saved = await client.audits.createFinding(audit.id, draft);
    console.log(`Created finding: ${saved.title} (${saved.severity})`);
  }

  return audit;
}
Audit Status Report
typescript
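/**
 * Prints a per-audit status summary with a severity breakdown of its findings.
 *
 * Findings whose severity is missing or is not one of `critical`, `high`,
 * `medium` or `low` are counted in a separate "Unrated" line. They are not
 * folded into `low`, which would understate risk, and an unexpected label
 * cannot silently drop out of the breakdown.
 */
async function auditStatusReport() {
  const audits = await client.audits.list();
  console.log('=== Audit Status Report ===\n');

  for (const audit of audits) {
    console.log(`${audit.type} - ${audit.scope}`);
    console.log(` Status: ${audit.status}`);
    console.log(` Date: ${audit.scheduledDate}`);

    const findings = await client.audits.listFindings(audit.id);

    // A Map keyed by the four known labels: anything else fails the lookup
    // and is counted as unrated instead of creating a new key.
    const bySeverity = new Map<string, number>([
      ['critical', 0],
      ['high', 0],
      ['medium', 0],
      ['low', 0],
    ]);
    let unrated = 0;

    for (const finding of findings) {
      const label = typeof finding.severity === 'string' ? finding.severity : '';
      const current = bySeverity.get(label);
      if (current === undefined) {
        unrated++;
      } else {
        bySeverity.set(label, current + 1);
      }
    }

    console.log(` Findings: ${findings.length}`);
    if (findings.length > 0) {
      console.log(` Critical: ${bySeverity.get('critical')}`);
      console.log(` High: ${bySeverity.get('high')}`);
      console.log(` Medium: ${bySeverity.get('medium')}`);
      console.log(` Low: ${bySeverity.get('low')}`);
      // Only shown when something needs triage, so a clean report is unchanged.
      if (unrated > 0) {
        console.log(` Unrated: ${unrated}`);
      }
    }
    console.log();
  }
}
Track Finding Remediation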
typescript
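/**
 * Lists every finding that is neither `closed` nor `resolved`, across all
 * audits, ordered by due date (earliest first, findings without a usable due
 * date last), and flags the overdue ones.
 *
 * A finding with no status at all is treated as open, so it stays visible.
 */
async function trackRemediation() {
  const audits = await client.audits.list();

  // `any` is kept from the original listing; the SDK's finding type is not
  // visible on this page.
  const allFindings: Array<{
    audit: string;
    finding: any;
  }> = [];

  for (const audit of audits) {
    const findings = await client.audits.listFindings(audit.id);
    for (const finding of findings) {
      allFindings.push({ audit: audit.type, finding });
    }
  }

  // Filter open findings
  const openFindings = allFindings.filter(
    (f) => f.finding.status !== 'closed' && f.finding.status !== 'resolved'
  );
  console.log(`=== Open Findings (${openFindings.length}) ===\n`);

  // Missing and unparsable due dates both map to +Infinity. An unparsable date
  // would otherwise yield NaN, which makes the comparator inconsistent and the
  // resulting order unreliable.
  const dueTime = (dueDate: string | number | Date | null | undefined): number => {
    if (!dueDate) {
      return Number.POSITIVE_INFINITY;
    }
    const millis = new Date(dueDate).getTime();
    return Number.isNaN(millis) ? Number.POSITIVE_INFINITY : millis;
  };

  // Sort by due date
  openFindings.sort((a, b) => {
    const timeA = dueTime(a.finding.dueDate);
    const timeB = dueTime(b.finding.dueDate);
    if (timeA === timeB) {
      return 0;
    }
    return timeA < timeB ? -1 : 1;
  });

  // One reference time for the whole report.
  // NOTE(review): a date-only string such as '2025-03-15' parses as UTC midnight,
  // so a finding is flagged overdue from the start of its due day (UTC) - confirm
  // that this matches the intended deadline.
  const now = Date.now();

  for (const { audit, finding } of openFindings) {
    const isOverdue = dueTime(finding.dueDate) < now;
    const marker = isOverdue ? '🔴' : '🟡';
    console.log(`${marker} ${finding.title}`);
    console.log(` Audit: ${audit}`);
    console.log(` Severity: ${finding.severity}`);
    console.log(` Due: ${finding.dueDate || 'Not set'}`);
    console.log(` Assignee: ${finding.assignee || 'Unassigned'}`);
    console.log();
  }
}
Complete Audit Workflow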
typescript
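/**
 * Runs an audit from start to finish: marks it in progress, opens a corrective
 * action for each high or critical finding that is still open, then marks the
 * audit completed.
 *
 * Caveats visible in this code:
 * - Not idempotent. Nothing checks for an existing corrective action, so
 *   running it twice on the same audit creates a second action per finding.
 * - If any call throws, the error propagates and the audit is left
 *   `in-progress`.
 * - The final update sets `notes`; whether that replaces earlier notes depends
 *   on the API (not shown here).
 *
 * @param auditId - Id of the audit to process; must be non-empty.
 * @throws Error when `auditId` is empty.
 */
async function completeAuditWorkflow(auditId: string) {
  // Refuse to issue status updates against an empty id.
  if (!auditId) {
    throw new Error('auditId is required');
  }

  // Update audit status
  await client.audits.update(auditId, { status: 'in-progress' });
  console.log('Audit started');

  // Get all findings
  const findings = await client.audits.listFindings(auditId);
  console.log(`Processing ${findings.length} findings...`);

  // Create corrective actions for high severity findings
  for (const finding of findings) {
    const needsAction = finding.severity === 'high' || finding.severity === 'critical';
    // Same notion of "open" as the remediation tracker on this page: a finding
    // already closed or resolved does not get a new remediation item.
    const alreadyDone = finding.status === 'closed' || finding.status === 'resolved';
    if (!needsAction || alreadyDone) {
      continue;
    }

    await client.correctiveActions.create({
      title: `Remediate: ${finding.title}`,
      description: finding.description,
      findingId: finding.id,
      // May be undefined: the action is then created without a deadline or owner.
      dueDate: finding.dueDate,
      assignee: finding.assignee,
    });
    console.log(`Created corrective action for: ${finding.title}`);
  }

  // Mark audit as completed
  await client.audits.update(auditId, {
    status: 'completed',
    notes: `Audit completed with ${findings.length} findings`,
  });
  console.log('Audit completed');
}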