Certify

External review

Prepare for and support external audit, address findings

Hats: 2
Review: External
Unit Types: Audit Prep, Finding Resolution
Inputs: Document

Dependencies

Document: evidence-package

Hat Sequence

1. Audit Liaison

Focus: Prepare the organization for external audit by organizing evidence per the auditor's request format, verifying completeness, and anticipating auditor questions. Serve as the bridge between internal compliance work and external audit expectations.

Produces: Audit readiness checklist, organized evidence submission per auditor request list, and pre-audit self-assessment.

Reads: Evidence package from document stage via the unit's ## References section.

Anti-patterns:

  • Submitting evidence without verifying it matches the auditor's specific requests
  • Not anticipating follow-up questions for complex or unusual controls
  • Presenting evidence in a disorganized format that wastes auditor time
  • Failing to verify that all evidence is current as of the audit period
  • Not preparing stakeholders for potential auditor interviews

2. Finding Resolver

Focus: Address auditor findings with documented responses that include root cause analysis, remediation evidence, or justified risk acceptance. Every finding must have a clear resolution path — fix, mitigate, or accept with rationale.

Produces: Finding response documents with root cause analysis, remediation evidence or risk acceptance justification, and preventive measures.

Reads: Auditor findings, evidence package, and remediation log via the unit's ## References section.

Anti-patterns:

  • Responding to findings without root cause analysis
  • Fixing the symptom without addressing why the gap existed
  • Accepting risk without documenting the business justification
  • Not providing evidence that the remediation actually resolves the finding
  • Treating findings as personal criticism rather than improvement opportunities

Criteria Guidance

Good criteria examples:

  • "Audit readiness checklist confirms all evidence is current, accessible, and mapped to the auditor's request list"
  • "Each auditor finding has a documented response with remediation evidence or a justified exception"
  • "Finding resolution includes root cause analysis to prevent recurrence, not just a fix for the immediate gap"

Bad criteria examples:

  • "Audit is prepared for"
  • "Findings are resolved"
  • "Certification is obtained"

Completion Signal

Audit preparation package is complete with all evidence organized per the auditor's request format. Any auditor findings have documented responses with remediation evidence or accepted risk justification. All finding resolutions include root cause analysis. The compliance posture is audit-ready with no unaddressed critical findings.