Comprehensively manage the three lines of defence

Xactium Audit Management is an additional platform that integrates with the Xactium Risk Management Suite.  It enables your organisation to comprehensively manage the Three Lines of Defence in accordance to ISO 31000.



  • Identify, assess and respond to risks above and below risk appetite thresholds.
  • Assess risk controls associated with your processes.
  • Measure effectiveness of each risk mitigation action.
  • Improve the design and implementation of your processes.
  • Ensure ownership of all your audit tasks.
  • Get audit reports on the effectiveness of your risk management framework

Audit Management


Audit Planning

Audit Fieldwork

Audit Reporting

Audit Follow-up

Request a Demo

Manage The Entire Audit Process

Xactium Audit Management gives you total control of your internal risk management audit process. It is an easy-to-use system that helps you automate work handover items and simplify tasks across all four stages of the internal audit process:

  • Planning
  • Fieldwork
  • Reporting
  • Follow-up





Better Audit Management. Better Business.

Enhance your audit management with Xactium Audit Manager, and your business can:

Organisation-Wide Framework

Establish a consistent, organisation-wide audit management framework.

Easier Audits

Conduct internal audit’s across your organisation.

Integrated and Automated

Transform isolated, manual processes, spreadsheets and point solutions into an integrated, automated audit management program.

Set Budgets

Set a budget for each audit.

Assign Tasks

Assign tasks to individual auditors in a system viewable by all those with access.

Faster Management 

Spend time managing audit data instead of collating and manipulating audit data. 


Risk Identification

Audit Planning

Carefully plan every aspect of your audits.

  • Easily configure custom audit plans for individual audit requirements.
  • Link related audit methodologies and rationales.
  • Create well-defined, easy-to-follow audit plans. Associate relevant processes with plans, and define the audit tasks required by each process.
  • Ensure every audit task has an owner responsible for completing it.
  • Create a test plan (or work papers) for any audit task, then link it to a control objective for simple reporting.
  • Give management a clearer view of proposed audit activities, with approval processes.


Risk Assessment

Audit Fieldwork

Give internal auditors the exact requirements for assessing every control, process and risk.

  • Assess controls in accordance with audit plans.
  • Add recommendations for each control audit. Recommendations can include required actions and ownership assignment.
  • Add observations and assign them to a relevant team member, to ensure follow-up.
  • Instantly see audit results in your work paper or test plan.
  • Improve management awareness of audits. Approval processes can require managers to agree the results of each audit.
Risk Mitigation

Audit Reporting

Easily report on every aspect of your internal risk audit activities. Ensure your risk management activities are sufficient, your audits are being completed and audit recommendations are being acted upon.

Download customised, branded audit reports on each test plan or work paper at the click of a button.

Easily run a wide range of standard audit reports, including;

  • Audit plan progress.
  • Audits against schedule.
  • Control action status.
  • Internal audit action control log.

Easily create your own custom reports, with intuitive report creation tools.

Schedule automatic reports direct to your inbox.
Risk Reporting

Audit Follow-up

Make sure audit findings lead to positive change. With Audit Manager, your recommendations and observations can have assigned owners, with responsibility for action.
  • Assign ownership and automatically log every audit recommendation.
  • Keep team members up to date with the recommendations they own, via automated email notifications. Notifications link directly to the recommendation.
  • Use simple controls to approve, reject or accept the risk of any recommendation.
  • Create control actions, including ownership and completion date, for any recommendation.