Audit Reporting
Audit reporting generates professional reports from your audit instance data. Reports aggregate control test results, findings, evidence, and remediation actions into formatted documents for executives, audit teams, and regulatory bodies.
Report types
SecureHive generates three types of audit reports:
| Report Type | Audience | Includes |
|---|---|---|
| Executive Summary | Leadership and stakeholders | Audit overview, key metrics, findings summary, risk assessment, recommendations |
| Detailed Report | Audit teams | Complete control test results, evidence review, all findings with severity, remediation status, full audit trail |
| Compliance Report | Regulators and auditors | Control coverage analysis, compliance status per control, gap analysis, remediation roadmap, certification readiness |
Generating a report
Navigate to reports
Go to your audit instance and open the Reports tab.
Click Generate Report
Click the Generate Report button to start creating a new report.
Select the report type
Choose Executive Summary, Detailed Report, or Compliance Report based on your audience and purpose.
Configure report details
Enter a descriptive title (e.g., “Q1 2026 IT Access Controls Audit — Executive Summary”) and select which sections to include.
Generate
Click Generate. The system collects all control test data, aggregates findings and remediation actions, calculates completion rates and metrics, and produces the formatted report.
Review and approve
Review the generated report for accuracy and completeness. Make any necessary edits, add notes if needed, then click Approve Report to move the report from Draft to Approved status.
Report status
Reports move through three statuses:
Draft — Report has been generated but not yet approved. Can be edited and regenerated.
Approved — Report has been reviewed and approved. Ready for distribution. Can still be regenerated if audit data changes.
Published — Report has been published and distributed. Typically the final version, archived for record-keeping.
Report content
All report types draw from the same underlying data: control test objectives, procedures, and results (Pass, Fail, Partial, Not Applicable); all documented findings with severity levels and linked control tests; remediation plans with assignments, due dates, and completion status; and aggregate metrics including completion rates, risk assessments, and performance analytics.
Reports can be viewed in a professionally formatted interface within SecureHive or downloaded as PDF for sharing and archiving.
Best practices
Choose the right report type for your audience — Executive Summary for leadership, Detailed Report for audit teams, Compliance Report for regulatory purposes. Always review generated reports for accuracy before approving. Use descriptive titles that include the audit instance name, report type, and date. Generate final reports after all control tests are completed to ensure comprehensive and accurate data.
Next steps
For a complete example of the audit process from framework setup through report generation, see the audit walkthrough.