The Complete AssurAI Platform Tour

The Platform

One Platform. Six Modules. Your Entire GRC Program.

Purpose-built for audit and compliance teams — not a general tool with GRC bolted on. Every module shares one engagement model, one evidence layer, and one AI engine.

AI-powered tools
& templates

Autonomous
AI agents

up to 0%

Reduction in
audit effort†

Frameworks
mapped

🛡️

SOX & ICFR

35 AI tools · PCAOB AS 2201

FSLI scoping, RCM builder, control testing, deficiency classification, PCAOB-ready workpapers.

📋

Internal Audit

35 AI tools · IIA IPPF

Audit universe, engagement planning, fieldwork, findings, audit-committee reporting.

📈

Risk & ERM

24 AI tools · COSO · ISO 31000

Risk register, bow-tie analysis, appetite statements, heat maps, KRI monitoring.

⚖️

Compliance

24 AI tools · SOC 2 · HIPAA · PCI

Multi-framework management, gap assessments, cross-framework control mapping.

🛡️

BCM & Resilience

20 AI tools · ISO 22301 · NIST

BIA, recovery strategies, scenario testing, resilience program management.

💰

Financial Intelligence

30 AI tools · ASC 606 · GAAP

Revenue recognition, ratio analysis, going-concern, close checklists, variance analysis.

🛡️ Module 01 — Most Detail

SOX & ICFR — The Complete Section 404 Workflow

Everything a SOX program needs, from materiality through management sign-off — aligned to PCAOB AS 2201 and inspection-ready at every step.

getassurai.com/scoping

🎯 SOX Scoping & Materiality — Samsara Inc. · FY2026

Overall Materiality

$0M

5% of pre-tax income

Performance Materiality

$0M

75% of overall

Trivial Threshold

$0K

5% of overall

Significant Accounts (FSLIs) in scope

RevenueAccounts ReceivableInventoryFixed AssetsPayrollTreasuryAccounts PayableEquity

✅ 0 significant accounts identified · 0 controls in scope

⚡ AI calculates materiality & scope in 30 seconds — vs 3 hours manually

getassurai.com/control-library

🗂️ Risk & Control Matrix — auto-built from process narratives

Process	Risk	Control	Owner	Freq	Type	Status
Order to Cash	Revenue cutoff error	CFO monthly revenue review	J. Smith	Monthly	MRC	✅ Tested
Procure to Pay	AP fraud / duplicate pay	Automated 3-way match	AP Manager	Per txn	Auto	✅ Tested
Record to Report	Manual JE override	JE review & approval	Controller	Per txn	Manual	✅ Tested
Hire to Retire	Unauthorised pay change	Payroll change approval	HR Director	Per change	Manual	◐ In progress
ITGC — Access	Inappropriate access	Quarterly access review	IT Director	Quarterly	MRC	✅ Tested
Financial Close	Recon not performed	Bank reconciliation review	Sr. Accountant	Monthly	Manual	✅ Tested

🤖 AI builds your entire RCM from your process narratives — risks, controls, owners, frequency & type

getassurai.com/workflow

📋 WP-SOX-014 · Quarterly Access Review — Test of Operating Effectiveness

Draft

✏️ Edit section✦ AI rewrite

📝 Big 4-quality workpapers generated in 30 seconds — with per-section Edit & AI controls

getassurai.com/evidence-intelligence

⚡ Evidence Intelligence — classification

📄

Board_Meeting_Minutes_Q1_2026.pdf

2.4 MB · uploaded just now

analysing

Evidence TypeManagement Review Control

ReliabilityHigh — original document

RelevanceDirect — CFO quarterly review

AdequacySufficient

Suggested testMRC 5-attribute evaluation

🧑‍⚖️ This appears to be a Management Review ControlTest as MRC →

🔍 Evidence Intelligence classifies and routes evidence to the right test in seconds

getassurai.com/sox-certifications

✍️ SOX 302 Sub-Certifications — Q1 2026

Due March 31, 2026

6/8

signed

💼

Michael Chen · CFO

Full SOX 302 Certification

Signed

💰

Lisa Wang · VP Finance

Financial Controls

Signed

📈

Tom Liu · VP Sales

Revenue Controls

Pending

🏢

Jennifer Wu · CEO

Full SOX 302 Certification

Pending

+ New Certification Cycle

📜 Digital SOX 302 / 906 certifications with electronic signatures, IP & timestamp

getassurai.com/modules/sox

📊 SOX Process Map — click a process to see its AI tools

🏛️

ELC

12 controls

→

🔄

O2C

9 tools

→

💳

P2P

8 tools

→

📊

R2R

11 tools

→

👥

H2R

6 tools

→

🏦

Treasury

5 tools

→

🔐

ITGC

10 tools

→

📅

Fin. Close

7 tools

🗂️ Workpapers, controls & AI tools organised by business process — like a Big 4 binder

⚡ Evidence Intelligence

Evidence Intelligence — AI That Tests Your Controls

Drop in any evidence. AssurAI classifies it, executes the test procedure, writes a PCAOB-format conclusion, and files it to your engagement — with a full decision log.

AI examination — decision logrunning

AI examined 3 evidence documents

📄 EV-01 — Okta access export (1,284 users) → reconciled to HR roster

📄 EV-02 — CFO review sign-off memo → reviewer authority confirmed

📄 EV-03 — Exception follow-up log → 2 flagged items remediated

PCAOB conclusion: Control operated effectively for the period, with one deficiency noted and remediated. See exceptions.

🧑‍⚖️ MRC — 5-Attribute Evaluation

Quarterly access review · Management Review Control

PERFORMANCE✅ Effective

COMPETENCE✅ Effective

TIMELINESS✅ Effective

EFFECTIVENESS⚠️ Partial

DOCUMENTATION✅ Effective

Overall: PARTIALLY EFFECTIVE

💾 One click — Save to Engagement: Module → Engagement → Process → Section → Type

🤖 48 Autonomous Agents

48 Autonomous AI Agents — They Work While You Sleep

Not chatbots. Each agent executes a complete, multi-step audit workflow autonomously — delivering outputs that take human teams days to produce.

📊

SOX Scoping Agent

Analyses financials, calculates materiality, identifies significant accounts — a complete scoping memo in minutes.

⚠️

Deficiency Assessment Agent

Classifies Control Deficiencies, Significant Deficiencies & Material Weaknesses with full PCAOB rationale.

🔗

Cross Assurance Agent

Maps one control to 25+ frameworks simultaneously. Test once. Satisfy every framework.

🎯

Risk Assessment Agent

Builds the risk register, scores risks, suggests mitigations, generates KRIs and a COSO heat map.

📋

Audit Planning Agent

Risk-based audit plan, audit-universe prioritisation, resource allocation, board-ready presentation.

✅

Compliance Gap Agent

Full gap assessment, identifies missing controls, builds a remediation roadmap with effort estimates.

Autonomous agents
across 6 modules

Automated actions
per month (avg)

Automation rules
set & forget

🧪 Full-Population Analytics

Full Population Testing — Test Every Transaction. Not Just Samples.

Why test 25 samples when AI can test all 50,000 in seconds? Benford's Law, duplicates, round numbers, thresholds and outliers — across the entire population.

getassurai.com/population-testing-ai

📑

JournalEntries_FY2026.csv

0 transactions

Analysing entire population…

✅ Benford's Law: 3 anomalies in leading-digit distribution

✅ Round numbers: 47 entries ending in .00 above threshold

✅ Duplicate payments: 2 potential duplicates found

✅ Weekend / holiday: 8 entries on non-business days

✅ Unusual amounts: 12 transactions above materiality

🚩 Finding FIN-2026-019 · High Risk

Two journal entries (JE-44021, JE-44198) posted to the same vendor for an identical $128,400 amount within 48 hours, both manually approved by the same preparer. Recommend recovery review and segregation-of-duties remediation.

DuplicateSoD conflict$128.4K

⚡ 50,000 transactions tested in under 10 seconds — every test gets a decision log

📋 Module 02 — Internal Audit

Internal Audit — IIA Standards from Planning to Report

A full engagement lifecycle aligned to the IIA's International Professional Practices Framework — planning, fieldwork, reporting and follow-up.

①

Planning

Audit universe with risk scores · risk-based selection · AI-generated engagement letter · team & timeline assignment.

②

Fieldwork

Control library & test procedures · PBC evidence requests to control owners · AI-assisted workpapers · findings with risk classification.

③

Reporting

AI drafts the audit report — Executive Summary, Background, Findings, Recommendations — plus an audit-committee presentation.

④

Follow-up

Management Action Plans tracked · due dates & owners assigned · overdue escalations automated.

getassurai.com/audit-committee-report

📊 AI-drafted audit report — Procurement Process Review

Executive Summary — Overall rating: Needs Improvement · 2 high, 3 medium findings

Background & Scope — P2P process, FY2026, $284M spend reviewed

Findings — Vendor master not periodically validated; 3-way match tolerance too high

Recommendations — Implement quarterly vendor revalidation; tighten tolerance to ±2%

📥 PBC Portal

PBC Portal — Seamless Evidence Collection from Control Owners

The complete Provided-By-Client workflow — request, notify, collect, review — with no login required for the owner and no emails back and forth.

STEP 1

Create request

Auditor fills the evidence request form

STEP 2

Email sent

Secure link emailed to the owner

STEP 3

Owner opens

Portal opens — no login needed

STEP 4

Uploads docs

Drag & drop evidence files

STEP 5

Auditor reviews

Accept or reject the evidence

STEP 6

Filed

Evidence lands in the engagement

🔵 Pending 🟡 Uploaded 🟢 Accepted 🔴 Rejected ⏰ Overdue

📈 ⚖️ 🛡️ Three More Modules

Risk, Compliance, BCM — Every GRC Function in One Place

Beyond SOX and internal audit, AssurAI runs your enterprise risk, multi-framework compliance, and business-continuity programs — on the same platform.

📈 Risk & ERM

COSO ERM · ISO 31000

COSO heat map · risk register · KRI dashboard with live indicators · bow-tie analysis.

⚖️ Compliance

SOC 2 · HIPAA · PCI · GDPR

SOC 2ISO 27001HIPAAPCI DSSGDPR+20

compliance score

25 frameworks · gap assessment · cross-framework mapping.

🛡️ BCM & Resilience

ISO 22301 · NIST

Order Management	RTO 4h
Billing System	RTO 1h
Data Warehouse	RTO 24h

BIA · recovery objectives · scenario testing: pandemic · cyber · disaster.

🔗 The Wow Moment

Cross Assurance — Test Once. Satisfy 25 Frameworks.

Stop re-testing the same control for every framework. Describe one control and AssurAI maps it across every standard you report against — simultaneously.

You enter one control…

"Access to financial systems requires MFA and is reviewed quarterly by the IT Director."

AssurAI mapping to frameworks

0–0%

reduction in testing hours

…and it maps to all of these, instantly:

SOX 302 / 404ICFR · Access

SOC 2CC6.1

ISO 27001:2022A.9.4

NIST CSF 2.0PR.AC-1

GDPRArticle 32

HIPAA164.312(a)

PCI DSS v4.08.3

DORAArticle 9

+ 17 more frameworks mapped →

🗂️ Industry Standard

Industry-Standard Engagement Files — Organised Like Big 4

A PCAOB AS 1215-compliant engagement file: client header, phase progress, section & process rings, workpaper list, PBC status and budget-vs-actual — in one view.

getassurai.com/engagement-file

🛡️ Samsara Inc. — FY2026 Annual SOX

Materiality $4.2M · Phase: Fieldwork · Lead: J. Smith

By PhaseBy Process

Business process filter

All🔄 O2C (14)💳 P2P (11)📊 R2R (18)👥 H2R (6)🔐 ITGC (22)

Ref	Title	Section	Process	Status
WP-SOX-001	Manual JE Review — Test of OE	Control Testing	Record to Report	Approved
WP-SOX-014	Quarterly Access Review	Control Testing	IT General Controls	In Review
WP-SOX-022	Revenue Cutoff Walkthrough	Walkthroughs	Order to Cash	Approved

📥 PBC Status

12 total8 received3 pending1 overdue

⏱️ Budget vs Actual

420h budget318h actual76% used · 82% complete

📐 PCAOB AS 1215-compliant — every conclusion traced to evidence, every workpaper to a process

💾 Universal Save

Save Any AI Output — Directly to Your Engagement File

Every AI agent — fraud detection, three-way match, earnings quality, contract analysis — saves straight into your engagement, organised by the same five-level hierarchy.

🔍 JE Fraud Assessment complete

The agent flagged 3 high-risk journal entries. One click files it to the right place in your engagement — no copy-paste, no re-keying.

💾 Save to Engagement

✅ Saved to FY2026 Annual SOX → R2R → Control Testing

Save to Engagement

Module🛡️ SOX & ICFR

EngagementFY2026 Annual SOX — Samsara Inc.

Process📊 Record to Report (R2R)

SectionControl Testing

TypeData Analytics

TitleJE Fraud Assessment — Revenue Cycle Q1 2026

Save as DraftSave & Submit for Review

🔒 Enterprise-Grade

Enterprise-Grade Security. Transparent Pricing.

Your audit evidence is the most sensitive data in your organisation. AssurAI protects it with bank-grade controls — and never trains AI on your data.

🔐

AES-256 encryption

At rest and in transit, end to end.

🛡️

SOC 2 infrastructure

Built on Supabase + Netlify.

🌍

GDPR-ready

Your data is never used to train AI.

🔏

Row-level security

Each org sees only its own data.

⏱️

Rate-limited AI

Every AI endpoint is throttled & audited.

🔑

JWT auth + Google SSO

MFA-ready authentication.

Starter

$499/mo

For small teams getting SOX-ready

All 6 GRC modules
215+ AI tools
Up to 5 users
Email support

Professional

$1,499/mo

For growing audit functions

Everything in Starter
48 autonomous agents
Up to 25 users
Excel add-in · API access
Priority support

Enterprise

Custom

For complex, multi-entity programs

Everything in Professional
Unlimited users
SSO · SCIM · audit logs
Dedicated success manager
Custom integrations

Ready to transform
your audit practice?

Free 14-day trial · No credit card required · Live in minutes.

Start Free Trial →Book a Demo →

PCAOBIIACOSOISOBig 4 Practitioners

The CompleteAssurAI Platform Tour