Skip to main content

Calculating audit health

Hyperproof determines audit health by calculating the number of requests that should be submitted and closed at a certain point in the audit.

EvidenceCollectionDuration

  • If there’s no timeline defined, Hyperproof uses requests past due to indicate an audit may be at risk. In the absence of those, the audit is N/A.

  • If there is a pre-set Hyperproof evidence collection state, Hyperproof uses those start and end dates (inclusive) to get the EvidenceCollectionDuration.

  • If there’s an audit timeline, but no pre-set evidence collection stage, Hyperproof uses the earliest date of all the stages as the start date and the latest date of all the stages as the end date (inclusive) to calculate EvidenceCollectionDuration.

StartBuffer

EvidenceCollectionDuration * 0.05

EndBuffer

EvidenceCollectionDuration * 0.15

NumRequests

The total number of requests in the audit

RequestsPastDue

Requests that are not started or in progress, but the due date has passed

RequestsPerDay

NumRequests / (EvidenceCollectionDuration - EndBuffer)

Baseline

DaysSinceAuditStart * ReqsPerDay

ReqsGap

Baseline - (NumSubmittedReqs + NumCompletedReqs)

Hyperproof calculates what percentage of the baseline number of requests has actually been submitted or closed.

If no timeline defined:

  • RequestsPastDue < = 0 - audit is N/A

  • Requests > 0 - audit is AT RISK

Else:

  • If DaysSinceAuditStart > StartBuffer, and the result is:

    • 80% or more - Audit is HEALTHY

      • If there are any requests with a due date that has passed, and they are not in the submitted or closed states, the audit is AT RISK.

    • 60% to 80%

      • and NumInProgressReqs > ReqsGap * 0.5 - audit is AT RISK

      • and NumInProgressReqs < ReqsGap * 0.5 - audit is CRITICAL

    • less than 60%

      • and NumInProgressReqs > ReqsGap * 0.9 - audit is AT RISK

      • and NumInProgressReqs < ReqsGap * 0.9 - audit is CRITICAL

  • Else

    • The audit is HEALTHY