Documentation Index
Fetch the complete documentation index at: https://grantmaster.dev/llms.txt
Use this file to discover all available pages before exploring further.
Role Guide: Auditor
Overview
Auditors are external users granted time-boxed, read-only access to an organization’s compliance and financial data. This role is designed for independent auditors, evaluators, and oversight personnel who need to review records without the ability to modify them.
How Auditor Access Works
- An Admin grants you access — they configure your email, access window (start and end dates), and scope (which modules you can view)
- You receive an email invitation with a secure login link
- You log in during the access window — access is automatically revoked when the window expires
- All your activity is logged — every page view and export is recorded in the audit trail
What Auditors Can Access
Compliance Dashboard (Read-Only)
- Overall compliance score and historical trends
- Category breakdown — financial, operational, reporting, and HR compliance
- Active violations and resolution status
- Upcoming compliance deadlines
Audit Logs (Full Access)
| Capability | Details |
|---|
| View all audit events | Every significant action recorded in the system |
| Filter by criteria | Date range, user, entity type, action type, severity |
| Export logs | Download filtered audit logs for external analysis |
| Search | Find specific events across the entire audit trail |
Financial Records (Read-Only)
| Data | Access Level |
|---|
| Expenses | View all expense records, receipts, and approval history |
| Budgets | View budget allocations and actuals per project/grant |
| Financial reports | View and download generated financial reports |
Time Records (Read-Only)
| Data | Access Level |
|---|
| Journal entries | View all time entries across the organization |
| Monthly submissions | View submissions and approval status |
| Effort certification | View signed certification statements |
| Data | Access Level |
|---|
| Team roster | View team members, roles, and assignment history |
| Organization profile | View organization details and classification |
| Project information | View project details, phases, and milestones |
What Auditors Cannot Do
| Restriction | Details |
|---|
| Create records | Cannot create expenses, journals, projects, or any other records |
| Edit records | Cannot modify any existing data |
| Delete records | Cannot remove any records |
| Approve/reject | Cannot participate in approval workflows |
| Access billing | Cannot view subscription or payment information |
| Manage users | Cannot invite, modify, or deactivate team members |
| Access AI features | Cannot use the AI Assistant or run agents |
| Access grants/pipeline | Cannot view grant discovery or pipeline data |
| Access outside window | Cannot log in before the start date or after the end date |
Common Auditor Tasks
1. Reviewing the Compliance Dashboard
- Navigate to Compliance > Dashboard
- Review the overall compliance score and trend
- Examine the category breakdown for areas below threshold
- Note any active violations for follow-up
2. Examining Audit Logs
- Go to Compliance > Audit Logs
- Set your date range filter to the audit period
- Filter by entity type (e.g., Expenses, Approvals) or severity (Critical, Warning)
- Review entries for:
- Proper approval sequences (submitted → reviewed → approved)
- Timely processing (no excessive delays)
- Policy overrides (logged as critical events)
- Export the filtered logs for your records
3. Reviewing Expense Records
- Navigate to the Expenses module
- Filter by date range, project, or grant
- For each expense, check:
- Receipt attachment is present and matches the claimed amount
- Category is appropriate for the grant’s allowed expenses
- Approval chain is complete (submitted → approved)
- Compliance flags (the system marks policy violations automatically)
4. Reviewing Time Records
- Go to the Journals module
- Filter by date range and team member
- Review:
- Monthly submission status (all months should be submitted and approved)
- Effort certification signatures
- Hours distribution across projects (check for reasonableness)
- Any returned-for-revision entries and their resolution
5. Generating Compliance Reports
- Go to Reports > Report Builder
- Select Compliance Report
- Set the date range to your audit period
- Generate and download the report in PDF or Excel format
- This provides a structured summary of compliance scores, violations, and trends
Access Window
- Your access is time-boxed — you can only log in between the configured start and end dates
- When the window expires, your access is automatically revoked
- If you need extended access, contact the organization’s Admin to create a new access grant (existing grants cannot be extended)
- The Admin sets the scope of your access — you may not have visibility into all modules listed above
Tips for Auditors
- Export audit logs early in your review — they provide the foundation for most audit procedures
- Use filters extensively — the audit log can contain thousands of entries; narrow your view to what matters
- Check for policy override events — these are logged as critical severity and indicate where standard processes were bypassed
- Review effort certifications — they are a key compliance requirement for many donors
- Download financial reports rather than manually compiling data — the Report Builder generates structured, consistent outputs
- Note your access window end date — plan your review to complete before access expires
Permissions Summary
Auditors have read-only access to compliance, financial, and operational data within their configured scope and time window. They cannot create, modify, or delete any records. For the complete permission matrix, see the Permission Matrix.
