Skip to main content
POST
TypeScript

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json

Request body for duplicating an IRL audit into a new audit engagement.

sourceAuditId
string
required

ID of the source IRL audit to duplicate.

displayName
string
required

Display name for the new audit engagement.

auditStartDate
string<date-time>
required

Start of the audit window for the new audit.

auditEndDate
string<date-time>
required

End of the audit window for the new audit.

earlyAccessStartsAt
string<date-time>
required

When auditors gain access to the new audit.

allowAuditorEmails
string[]
required

Emails of auditors who may access the new audit. Minimum one entry required. Each email must match an active user in the authenticated audit firm's domain.

Response

200 - application/json

Ok

id
string
required

The unique identifier for the audit.

customerOrganizationName
string
required

The domain name of the customer organization being audited (e.g. vanta.com)

customerDisplayName
string | null
required

The human readable name of the customer organization being audited (e.g. Vanta)

customerOrganizationId
string
required

The uuid of the customer organization being audited

auditStartDate
string<date-time>
required

The start of the audit window. This is also when data collection for audit starts.

auditEndDate
string<date-time>
required

The end of the audit window.

earlyAccessStartsAt
string<date-time> | null
required

Timestamp at which auditors gain access to the audit. Occurs before the audit window begins

framework
string
required

The name of the framework for the audit

displayName
string
required

The display name for the audit. Returns the custom audit name if set, otherwise returns the framework name.

allowAuditorEmails
string[]
required

Emails of auditors with access to audit

allowAllAuditors
boolean
required

Set to true if all auditors in audit firm have access

deletionDate
string<date-time> | null
required

Timestamp when the audit was deleted

creationDate
string<date-time>
required

Timestamp when the audit was created

modificationDate
string<date-time> | null
required

Timestamp when the audit was updated

completionDate
string<date-time> | null
required

Timestamp when the audit was marked completed, and report was uploaded

auditFocus
enum<string>
required

Audit focus determines if the audit is internal or external facing

Available options:
EXTERNAL,
INTERNAL
auditorRequestListMetadata
object

Metadata about the auditor request list. This field is only present for IRL (Information Request List) based audits and will be undefined for standard audits. Use the presence of this field to differentiate between IRL and non-IRL audits.