Private alpha — onboarding a small number of nonprofit audit practices. Request access →
Audit platform · Nonprofit engagements

Evidence in once.Used everywhere.

The system drafts the engagement. The auditor reviews, concludes, and signs — and every figure can show exactly where it came from.

Built with a practicing CPA reviewer · Designed for peer review

Traceability clickany line to trace it
Chain
Statements & notes05

Click a number. The source document opens to the page — and the sentence it came from.

Once

A document is captured a single time.

Uploads route through one evidence service, then flow to every audit area they support. No re-uploading the same PDF into four tabs.

Product rule — not a statistic
Every

Figure carries page, quote, and confidence.

If the system can't show where a number came from, it doesn't propose the number. Provenance isn't a feature here — it's a precondition.

Product rule — not a statistic
Zero

Prior-year values are ever deleted.

When current-year evidence contradicts last year, the prior value is marked superseded — visible, dated, attributable. History is never rewritten.

Product rule — not a statistic
The problem

Close the traceability gap.

Audit software remembers where a file lives. It doesn't remember why you concluded what you concluded — so the reasoning ends up in someone's head, and review becomes archaeology.

Today

  • The same PDF is uploaded into every tab that needs it.
  • Why a number was chosen lives in a memo, if anywhere.
  • Peer review begins by reconstructing what happened.

AssureTrail

  • A document is captured once and routed everywhere it's needed.
  • Every proposal shows its evidence and last year's baseline.
  • The review trail is built as the work happens.
The platform

The system drafts. The auditor decides.

Every proposal arrives with the evidence it used and the prior-year baseline beside it. Accept, edit, or reject with a reason — the decision and the rationale both land in the file.

01 — Evidence intake

One inbox for every document.

Uploads from anywhere in the engagement route through a single evidence service — classified, extracted, and triaged into buckets an auditor actually thinks in.

  • Missing-document alerts derived from the audit program
  • Vision rescue fires only when extraction genuinely fails
  • Clean native-text documents stay cheap to process
Evidence inbox148 records
118
Understood
14
Needs review
09
Missing
02
Conflicted
02 — Analytics, then risk

Variance drives risk. Not the other way around.

Expectations are built first, from prior year and the current trial balance. What doesn't match becomes the reason a risk exists — with the evidence attached to the proposal.

  • Analytics precede risk assessment, always
  • Significant-risk designation stays the auditor's call
  • Rejections require a reason — and it goes in the file
Proposed risk — awaiting the auditorRISK 07
Significant risk — proposedRevenue recognition

Grant revenue recognition and restriction compliance. Revenue rose +32.0% against an expectation of roughly +6% built from prior year and award schedules. Three new federal awards were signed mid-year with purpose restrictions.

03 — Review & signoff

A signature that means what it says.

A signoff binds to the exact content it approved. Change that content and the signature doesn't quietly carry — it's invalidated and surfaced for re-review.

  • Escalation parks the note and blocks signoff until it clears
  • EQCR and concurring reviewer modeled as distinct roles
  • Every action appends to a per-firm hash chain
FS 3.0 · workpaper stateNA-03
Signoff invalidatedFS 3.0

The workpaper content changed after M. Lee signed it. The signature was bound to the version it approved, so it did not carry forward. Re-review required.

Peer review

Built to survive the reviewer.

Everything the software records becomes part of the file. "Why did you conclude that?" and "show me the evidence" should already have answers sitting in the record.

01

Methodology, versioned and pinned

An engagement stays on the methodology version it started on, so the reviewer sees exactly which rules governed the work. Mandatory updates can be pushed to in-flight engagements — and the push is logged.

02

Every judgment carries its reason

Materiality, risk, scoping, and overrides record the why, the evidence used, and the prior-year baseline — not just the number that came out the other end.

03

An audit trail you can't quietly edit

Every action appends to a per-firm hash chain. Records can be added — they cannot be silently altered, backdated, or removed.

04

The whole file, exportable

Workpapers, evidence, provenance, review notes, and signoff trails are built to export in a form a peer reviewer or successor auditor can actually read. No lock-in.

Security & data handling

No training on your dataClient documents are never used to train models.
Row-level firm isolationEnforced in the database itself, fail-closed.
Append-only audit ledgerHash-chained per firm. Tamper-evident by construction.
Full engagement exportTake the entire file with you, any time. No lock-in.

Run the next engagement on one connected record.

AssureTrail is in private alpha, built alongside a practicing CPA reviewer. We're onboarding a small number of nonprofit audit practices.

[email protected]