›Why asset compliance audit needs a structured workflow
ISO 19770 audit preparation takes 3 months manually — gathering evidence from emails, spreadsheets, shared drives and discovery exports into a coherent compliance dossier. Automated compliance reports cut this to 1 week by collecting and structuring evidence continuously.
Without a structured workflow, audit preparation is a recurring fire-drill that consumes 200+ hours per cycle and still produces incomplete evidence, leading to true-up bills and delayed certifications.
Utilyx models the compliance audit as an executable decision tree — preparation, collection, AI gap analysis, remediation, and audit-ready reporting — so every audit becomes a one-click exercise.
›The automated compliance audit workflow
The workflow is structured as a decision tree with 5 main branches (Preparation, Collection, Gap Analysis, Remediation, Reporting) running on audit-trigger or continuously, with parallel remediation sub-branches and 8 steps end-to-end. Every step is executed by a named actor (IT Manager, AI Copilot, ai-agent, Compliance Owner) and every action is appended to the timeline_audit audit subtable.
- Step 1 (Start — IT Manager): the IT manager defines the audit scope via fields audit_type (vendor / ISO 19770 / internal), scope_titles, scope_sites, scope_period, auditor — validated by the workflow.
- Step 2 (Evidence checklist — AI Copilot): the Copilot assembles the required evidence checklist based on ISO 19770 controls (entitlement proofs, install records, license catalog, contracts) — stored in the audit_checklist table.
- Step 3 (Data collection — sql-query): the workflow pulls data via sql-query from the license catalog, discovery results and contracts — automatically — writing to the audit_evidence table. Sub-branch: the Copilot flags missing_evidence items and splits — Branch A (all evidence present): proceed to analysis; Branch B (missing evidence): create enrichment tasks and hold analysis until closed.
- Step 4 (Gap analysis — ai-agent): the ai-agent cross-checks installed vs licensed, validates entitlement proofs, and identifies compliance gaps with severity scoring (low / medium / high / critical), root_cause, affected_titles, financial_exposure — recorded in the audit_gap table.
- Step 5 (Gap triage — AI Copilot): the tree splits on severity — Branch A (low/medium): auto-assign remediation to license owner; Branch B (high/critical): escalate to compliance owner + procurement with deadline.
- Step 6 (Remediation plan): the workflow assigns remediation tasks (purchase / uninstall / reallocate) with remediation_owner, deadline, status — tracked to closure via sql-query on the remediation_task table.
- Step 7 (usePDF ISO 19770 report): usePDF generates an audit report aligned with ISO 19770 — scope, evidence, gaps, remediation status — for the auditor or regulator, in 7 languages.
- Step 8 (useArchive): useArchive retains every piece of evidence, gap record and the final report in a tamper-evident archive with index fields audit_id, audit_type, scope_period, gap_count for the regulator.
›Concrete benefits
Teams using Utilyx cut ISO 19770 audit preparation from 3 months (manual) to 1 week (automated compliance reports), eliminate true-up surprises (gaps are surfaced continuously by the ai-agent, not at audit time), and pass ISO 19770 certifications on the first attempt.
The ITAM copilot builds the audit workflow from a plain-language description — no audit consultant required, at 70% lower TCO than legacy SAM tools. Evidence is collected continuously, so the audit dossier is always one click away.
›The workflow in real time
Every node is executable, every branch is testable. Visualize the actual flow of your data while you design.
Frequently asked questions
Does the workflow produce an ISO 19770-compliant audit report?
Yes. usePDF generates an audit report covering scope, evidence, gaps and remediation — aligned with ISO/IEC 19770 controls, available in 7 languages and archived via useArchive for the regulator.
Can the AI identify compliance gaps automatically?
Yes. The copilot cross-checks installed vs licensed, validates entitlement proofs, and records each gap with root cause, financial exposure and remediation owner.
How long does audit preparation take?
Teams cut audit preparation from 200+ hours to under 10, because evidence is collected continuously and the report is generated on demand.
Ready to automate your processes?
Utilyx lets you design, automate and orchestrate your workflows visually — with an AI copilot, OCR, PDF generation and legal archiving. Start in minutes, not weeks.
