Feature - Third Party Audit URL (no due date)

Hi Guys,

Is it possible when creating a URL for external third party audits that this is a random string that is generated. Otherwise it is possible for other third parties to access other third party audits by just changing the last number. As I intend to use this more frequently it will increase the chance of third parties trying their luck.



Yep - agreed. I have a list of improvements on my notes for Third Parties:

  • automatically start and finish audits based on the dates provided
  • review english on third party audits, findings section
  • review logic when two auditees need to answer the same question, when can the audit be submitted.
  • deinfe custom emails for comments, attachments and submissions of forms.
  • custom roles missing for third party notifications
  • notification sent when no feedback is provided by the auditees.
  • put a big warning when deleting third parties, if the object has compliance analysis into it.
  • when you clone a third party audit, you want to be able to edit all fields and reset all answers.
  • allow auditee to download answered questions on CSV
  • missing “Status” on third party (Start / Finished)
  • make a random hash as third party identifier (<- your suggestion)

Time-wise, we plan finishing workflows in the next couple of weeks, then we have some risk improvements (a week or two) and then we plan to do improvements on third party audits.


1 Like