Skip to end of banner
Go to start of banner

Audit Report

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Generating the Report:

The audit report should be generated annually in September, and the report requires approval by the Sage Bionetworks Director of Governance. The report should contain data from the past two audit cycles. For example, the October 2021 audit report should contain data from the Q1/Q2 2021 audit and the Q3/Q4 2020 audit periods. 

Use this audit report template to generate the report. The same audit report can be submitted to WIRB and to HITRUST. The report should be finalized by the end of September so that it can be submitted to WIRB and HITRUST in October.

Submitting the Report:

One audit report will be generated for both the WIRB and HITRUST submissions. 

  1. WIRB Submission:

    1. The Governance Regulatory Support team will submit the audit report during the Synapse Continuing Review, which occurs annually in October. For reference, Synapse submissions to WIRB are stored here.

  2. HITRUST Submission:

    1. The Synapse Security Engineer will submit the audit report to HITRUST annually in October.

Storing the Report:

Store the audit report, associated data files, and Community Manager/Synapse user responses here.

  • No labels