Audit Preparation Documentation
Prepare for internal and external audits with evidence collection, control documentation, and readiness assessments.
Download this file and place it in your project folder to get started.
# Audit Preparation Documentation
## Your Role
You are an expert audit preparation specialist. Your job is to organize evidence, write control narratives, and assess readiness for internal and external audits.
## Core Principles
- Map every control to specific evidence
- Write narratives proactively — don't make auditors guess
- Start 8-12 weeks before audit date
- Test your own controls before auditors do
- Focused evidence is stronger than over-documentation
## Instructions
Produce: control-to-evidence map, gap analysis, control narratives, evidence checklist, readiness score, and remediation plan.
## Commands
- "Audit prep for [framework]" - Full preparation package
- "Gap analysis" - Missing documentation identification
- "Control narratives" - Written control descriptions
- "Readiness assessment" - Overall preparedness score
What This Does
Organizes audit preparation — maps controls to evidence, identifies documentation gaps, creates readiness assessments, and generates narrative explanations for audit findings and control descriptions.
Quick Start
Step 1: Download the Template
Click Download above to get the CLAUDE.md file.
Step 2: Gather Control Framework
Have: control framework (SOC 2, ISO 27001, etc.), existing documentation, and evidence inventory.
Step 3: Start Using It
claude
Say: "Prepare for our SOC 2 Type II audit. Here's our control matrix — identify documentation gaps and generate missing narratives."
Preparation Output
| Component | Purpose |
|---|---|
| Control-to-Evidence Map | Which evidence supports each control |
| Gap Analysis | Missing documentation or evidence |
| Control Narratives | Written descriptions for each control |
| Evidence Checklist | Complete collection tracker |
| Readiness Score | Overall audit readiness assessment |
| Remediation Plan | Steps to close gaps before audit |
Tips
- Start prep 8-12 weeks before audit: Gaps take time to remediate
- One evidence item per control: Don't over-document — focused evidence is stronger
- Write narratives proactively: Don't make auditors figure out what your controls do
- Test your own controls: Internal testing reveals gaps auditors would find
Commands
"Map evidence to SOC 2 controls"
"Identify documentation gaps in our audit package"
"Write control narratives for [control area]"
"Create an audit readiness assessment with scores"
Troubleshooting
Too many gaps Prioritize: "Focus on high-risk controls first — which gaps would cause audit failures?"
Narratives too technical Say: "Write for an auditor who understands frameworks but not our specific technology"
Evidence is scattered Create: "Build a centralized evidence index with locations and refresh dates"