Back to Plugins
operations
Audit Automation
Complete internal audit documentation in hours instead of weeks
Plugin ID
pf-audit-automation
Category
operations
Version
v1.2
Downloads
28
pf-audit-automation
Generate professionally structured internal audit documentation in 2-3 hours instead of 18-25.
A free alternative to AuditBoard's document workflow module ($25,000-$50,000+/year). Now with deep domain knowledge from IIA Standards, COSO 2013, SOX, ISO 27001, COBIT 2019, and NIST CSF embedded directly into every skill.
Installation
- Download the
pf-audit-automation.pluginfile - Open Claude Desktop and navigate to Settings > Plugins
- Click Install Plugin and select the downloaded
.pluginfile - The plugin will be installed and available immediately
Note: All data stays local on your machine. No external API calls or cloud storage required.
What's New in v1.1 — Deep Domain Knowledge
Version 1.1 transforms the plugin from a generic audit document generator into an professionally structured audit tool by embedding authoritative domain knowledge:
- New: Centralized Knowledge Base (audit-kb) — 400+ lines of authoritative references including IIA Standards (IPPF), COSO 2013 (17 principles), SOX §302/§404, PCAOB AS 2201, ISO 27001:2022, COBIT 2019, NIST CSF 2.0
- IIA sampling methodology — Risk-based sample sizes (High ≥ 25, Medium = 15, Low = 5-10) with frequency adjustments
- 8-criteria quality scoring rubric — Framework alignment, IIA compliance, risk accuracy, specificity, quantification, sampling, disclaimers, completeness
- Risk rating criteria with financial impact thresholds and inherent risk factors
- Audit opinion determination logic with special rules for SOX and ISO 27001
- Remediation priority framework (P1-P5) with risk-based timelines
- 35 iteration fixes across all 7 skills documenting specific improvements
Quick Start
/audit-setup
/audit-plan
/audit-test-plan
/audit-evidence-request
/audit-findings
/audit-report
/audit-action-plan
Or run the full pipeline: /audit-run
Commands
| Command | Stage | What It Does |
|---|---|---|
/audit-setup |
0 — Setup | Creates workspace folders, installs dependencies, validates templates |
/audit-plan |
1 — Plan | Generates Audit Plan with COSO/SOX/ISO framework-mapped risk rankings |
/audit-test-plan |
2 — Test Design | Generates Test Procedures with IIA-standard sample sizes and methodology |
/audit-evidence-request |
3 — Evidence | Generates PBC evidence request list with framework-specific items |
/audit-findings |
4 — Findings | Structures findings in IIA 5-element format with KB-referenced risk ratings |
/audit-report |
5 — Report | Generates Final Report with IIA-compliant audit opinion and P1-P5 recommendations |
/audit-action-plan |
6 — Remediation | Generates CAP with KB §15 priority framework and IIA 2500 follow-up steps |
/audit-automation-dashboard |
Dashboard | Interactive visual dashboard — "show me" |
/audit-run |
Full Pipeline | Runs all 6 stages sequentially with checkpoint/resume |
/audit-status |
— | Shows current audit project status and file inventory |
/audit-kb |
Reference | NEW — Look up IIA Standards, COSO, SOX, sampling, risk frameworks |
Skills
| Skill | Enhancement in v1.1 |
|---|---|
| audit-planning | COSO/SOX/ISO framework mapping with specific clause citations; risk ratings per KB §8.1 |
| audit-test-plan | IIA sampling per KB §7.1-§7.2; frequency-based adjustments; Inquire-Observe-Inspect-Re-perform methodology |
| audit-evidence-request | Framework-specific evidence items; IIA Standard 2330 alignment; system-generated vs self-reported distinction |
| audit-findings | IIA 5-element per KB §1.3; SOX deficiency classification per KB §3.3; quantified exception rates vs industry benchmarks |
| audit-report | Opinion determination per KB §9.1-§9.2; IIA 2410 executive summary; P1-P5 recommendation priority |
| audit-action-plan | KB §15 priority framework; IIA 2500 monitoring steps; SOX material weakness P1 escalation |
| audit-setup | KB-aware configuration; supported frameworks list; quality minimum score setting |
| audit-kb | NEW — Centralized knowledge base with 15 sections of authoritative domain references |
Domain Knowledge Coverage
| Domain | Sources Referenced |
|---|---|
| IIA Standards | IPPF Standards 1000-2600; 5-Element Finding Format; Sampling Standards |
| COSO 2013 | 5 Components, 17 Principles, Internal Control Integrated Framework |
| SOX | §302, §404(a), §404(b), §906; Deficiency Classification (3-tier) |
| PCAOB | AS 2201 ¶5, ¶24, ¶62-70; Material Weakness definition |
| ISO 27001:2022 | Clauses 4-10; Annex A (93 controls across 4 themes) |
| COBIT 2019 | EDM, APO, BAI, DSS, MEA domains; 40 governance/management objectives |
| NIST CSF 2.0 | GOVERN, IDENTIFY, PROTECT, DETECT, RESPOND, RECOVER functions |
| PCI-DSS v4.0 | 12 Requirements (via compliance matrix) |
| HIPAA | Security Rule 45 CFR §164 (via compliance matrix) |
Comparison vs. AuditBoard
| Feature | pf-audit-automation v1.1 | AuditBoard |
|---|---|---|
| Audit Plan generation | ✅ With framework mapping | ✅ |
| Test procedure library | ✅ AI-generated, IIA-standard | ✅ Manual library |
| Evidence request (PBC) | ✅ Framework-specific | ✅ |
| Findings with IIA format | ✅ 5-element + SOX classification | ✅ |
| Final audit report | ✅ With opinion logic | ✅ |
| Corrective action plan | ✅ P1-P5 priority framework | ✅ |
| Domain knowledge base | ✅ 400+ lines, 9 frameworks | ❌ |
| Quality scoring rubric | ✅ 8-criteria automated | ❌ |
| AI risk analysis | ✅ | ❌ |
| Framework auto-mapping | ✅ | ❌ |
| Workflow automation | Partial (sequential commands) | ✅ Full workflow |
| Issue tracking | ❌ | ✅ |
| Multi-user collaboration | ❌ | ✅ |
| Analytics dashboard | ❌ | ✅ |
| Annual cost | Included | $25,000-$50,000+ |
Version History
| Version | Date | Theme | Changes |
|---|---|---|---|
| 1.1 | 2026-03-15 | Deep Domain Knowledge | +1 new skill (audit-kb), +1 new command, 7 skills enhanced, 35 iteration fixes, 8-criteria quality rubric |
| 1.0 | 2026-03-15 | Initial Release | 7 skills, 9 commands, full audit pipeline |
Estimated Cost per Use
Disclaimer: Token estimates are approximate and based on typical usage patterns measured from skill prompt sizes. Actual costs vary with input data size, conversation length, and complexity. Estimates use Claude Sonnet 4.6 pricing ($3/1M input, $15/1M output). Cowork and Claude Desktop subscription users (Pro/Max/Team) are not charged per-token — these estimates apply only to direct Anthropic API usage. Running stages individually in fresh sessions uses fewer input tokens than running the full pipeline sequentially, because pipeline mode accumulates conversation history across stages.
Per skill (run individually in a fresh session):
| Stage | Skill Prompt | User Input | Total Input | Output | Est. Cost |
|---|---|---|---|---|---|
| audit-planning | ~6.2K | ~800 | ~9.8K | ~4.0K | ~$0.09 |
| audit-dashboard | ~4.9K | ~500 | ~8.2K | ~8.0K | ~$0.14 |
| audit-kb | ~7.7K | ~800 | ~11.4K | ~4.0K | ~$0.09 |
| audit-test-plan | ~6.2K | ~800 | ~9.9K | ~4.0K | ~$0.09 |
| audit-action-plan | ~4.7K | ~800 | ~8.3K | ~4.0K | ~$0.08 |
| audit-report | ~5.3K | ~800 | ~8.9K | ~6.0K | ~$0.12 |
| audit-evidence-request | ~4.4K | ~800 | ~8.0K | ~4.0K | ~$0.08 |
| audit-findings | ~6.2K | ~800 | ~9.9K | ~4.0K | ~$0.09 |
| Standalone total | ~74.3K | ~38.0K | ~$0.79 |
Full pipeline (all stages in one session — context accumulates):
| Stage | Base Input | + History | Total Input | Output | Est. Cost |
|---|---|---|---|---|---|
| audit-planning | ~10.0K | 0 | ~10.0K | ~4.0K | ~$0.09 |
| audit-dashboard | ~8.4K | ~4.8K | ~13.2K | ~8.0K | ~$0.16 |
| audit-kb | ~11.4K | ~13.3K | ~24.8K | ~4.0K | ~$0.13 |
| audit-test-plan | ~10.0K | ~18.1K | ~28.1K | ~4.0K | ~$0.14 |
| audit-action-plan | ~8.5K | ~22.9K | ~31.4K | ~4.0K | ~$0.15 |
| audit-report | ~9.1K | ~27.7K | ~36.8K | ~6.0K | ~$0.20 |
| audit-evidence-request | ~8.2K | ~34.5K | ~42.7K | ~4.0K | ~$0.19 |
| audit-findings | ~10.0K | ~39.3K | ~49.3K | ~4.0K | ~$0.21 |
| Pipeline total | ~236.4K | ~38.0K | ~$1.28 |
Running the full pipeline once typically costs $0.90–$1.66 in API tokens (Claude Sonnet 4.6).
Requirements
- Python 3.8+ with
python-docx >= 0.8.11(auto-installed by/audit-setup) - Claude with Read, Write, Bash, Glob tools enabled
- Workspace folder selected in Cowork
Important Disclaimers
- AI-Generated Content: This plugin uses AI (LLM) technology which can produce inaccurate or incomplete outputs. All content should be treated as a starting point and reviewed for accuracy before use.
- Not Professional Advice: Outputs do not constitute legal, financial, tax, medical, or other professional advice. Consult qualified professionals before making decisions based on generated content.
- No Compliance Guarantee: References to industry standards, regulations, or guidelines are for informational purposes only. This plugin does not guarantee compliance with any law or regulation. Users are responsible for verifying all outputs meet their specific regulatory requirements.
- No Endorsement or Affiliation: Mention of third-party products, standards, or organizations does not imply endorsement, partnership, or certification by those entities.
- Not Financial or Tax Advice: Financial calculations, tax estimates, and related outputs are for informational purposes only. Consult a qualified CPA or financial advisor for tax and financial decisions.
Ready to use Audit Automation?
Download this free plugin and start using it in Claude today.
Need something different?
We build custom plugins tailored to your exact workflow.