Key Concepts

Before diving in, here are the core concepts you'll encounter throughout LOQI.

The Audit Lifecycle

Every audit in LOQI follows this lifecycle:

Engagement → Risk Analysis → Audit Program → Testing → Findings → Report

Each stage builds on the previous one. LOQI guides you through this flow with status tracking and AI assistance at each step.

Engagements

An engagement is a single audit project. It has a title, audit area, team, timeline, and status. Everything else — objectives, procedures, documents, findings, and the final report — lives inside an engagement.

Engagements move through these statuses:

Draft — Initial setup
Planning — Risk analysis and program development
Fieldwork — Testing and evidence collection
Reporting — Report drafting and review
Complete — Finalized and archived

Audit Program

The audit program is your testing plan. It consists of:

Objectives — What you're trying to assess (e.g., "Evaluate effectiveness of loan approval controls")
Procedures — Specific tests to perform (e.g., "Select 25 loan files and verify approval signatures")
Testing Attributes — What to check in each sample item (e.g., "Signature present", "Within authority limit")

LOQI can generate an entire audit program from your risk analysis using AI, or you can build it manually.

Risk Analysis

Before creating your audit program, you perform a risk analysis. Upload relevant documents (policies, prior audits, regulatory guidance) and LOQI's AI extracts risk items, categorizes them, and suggests risk scores.

You review and adjust the scores, then use them to generate a targeted audit program.

Testing & Workpapers

During fieldwork, you execute procedures by:

Selecting samples — Choose items to test
Recording results — Mark each attribute as Pass, Fail, or N/A
Documenting exceptions — When something fails, record the details
Completing workpapers — Summarize your work and conclusions

Findings & Observations

When testing reveals issues, you create findings (also called observations). Each finding follows the 5 C's framework:

Condition — What you found (the problem)
Criteria — What should be (the standard)
Cause — Why it happened
Consequence — What's the impact
Corrective Action — What needs to change

Evidence Requests (PBC)

PBC stands for "Prepared By Client." These are formal requests you send to management or process owners asking them to provide specific documents or information. Recipients receive an email with a secure link to upload their evidence directly.

Document Library

The library is your organization's shared repository of reference documents — policies, regulations, standards, and other materials that apply across multiple audits. Documents in the library are chunked and indexed so the AI can cite them when generating content.

Citations

When AI generates content (report sections, risk analysis, workpaper narratives), it includes citations — references to specific passages in your source documents. Citations are clickable and verifiable, so you can trace every AI-generated claim back to its source.

Next steps

Your First Engagement — Put these concepts into practice
Glossary — Full list of audit terminology

The Audit Lifecycle​

Engagements​

Audit Program​

Risk Analysis​

Testing & Workpapers​

Findings & Observations​

Evidence Requests (PBC)​

Document Library​

Citations​

Next steps​