Audit PBC Request Tracker

The problem this kills

Audit season arrives and your inbox becomes the project plan. The auditors send a PBC list - "prepared by client," the long list of schedules, reconciliations, contracts, and reports they need from you - and from that moment you're the human switchboard. You forward request 14 to Priya, request 22 to José, and the bank confirmations to whoever has the login this year. People reply with files attached to old threads. Someone sends version 2 but you already gave the auditor version 1. Half your week is spent answering "wait, what's still outstanding?" and the other half is spent making sure the auditor didn't get a draft you weren't ready to release.

The status lives in a spreadsheet you update by hand - when you remember. Completion percentage is a guess. You can't see the bottleneck until it's already late. And when a partner asks "did we send them the final lease schedule or the work-in-progress one?" you're digging through email to be sure.

This tool replaces the inbox-as-project-plan with one controlled workflow: a single tracked list, owners who upload their own documents, automatic reminders on what's open, and a hard rule that nothing reaches the auditor until you've reviewed it and pressed release.

What you'll build

A small internal web app, just for your team and your auditors, that:

• Imports your PBC request list from a CSV (item reference, description, area/cycle, owner, due date) and dedupes on the item reference so the same request can't land twice.
• Lets you assign an owner and a due date to each item, then emails each owner what they're responsible for.
• Gives owners a simple screen to upload supporting documents straight into the item - versioned, so the latest file is always clear.
• Tracks status across the lifecycle you define (not started, in progress, submitted, under review, needs rework, ready/released) and shows live completion percentage and the current bottlenecks.
• Sends reminders on open items on the cadence you choose, and escalates items that go badly overdue.
• Puts a hard review gate before release: the controller reviews each completed item and only then marks it ready and releases it.
• Gives auditors controlled, read-only access to released items only - never your drafts or works-in-progress.
• Exports a PBC status report and an organized document set (named and foldered for handoff) in the exact columns and naming your audit firm expects.

What's inside the Implementation Plan

The plan is a single markdown file you paste into Claude Code (a free AI coding agent). It walks the agent through building the whole tool step by step, and every step ends with a ready-to-paste prompt.

The most important part: the plan opens by interviewing you about your audit. Before it writes a single line, the agent asks how your PBC process works today, what tool you use now (Excel, a shared drive, an audit portal), the exact columns and reference scheme on your request list, your real status lifecycle and who is allowed to release, your typical and year-end volumes, your reminder and escalation rules, and your messiest edge cases - "N/A" items, requests split into sub-items, items the auditor returns for rework, late documents that arrive after release, and confidential items only some people may see. It reads a short tailored spec back to you, you confirm it, and only then does it build - so you get a tracker shaped to your audit, not a generic template you have to fight.

Inside you'll find:

• The discovery interview and how the agent turns your answers into the data model.
• The full build: database, login with roles, CSV import with duplicate guards, owner assignment, document upload to secure Storage, the status dashboard with completion percentage, the reminder and escalation emails, the controller review-and-release gate, and controlled auditor access.
• The hard human-in-the-loop release gate and the complete audit trail of every release.
• Verification steps so you can prove it works, and the CSV-export fallback so it's fully usable even before you connect it to your audit firm's portal.

The governance it includes (this is the point)

This isn't a toy. The plan builds in the controls an audit demands:

• Login so only your team and your invited auditors can see or touch anything.
• Row-level security so people only see their own organization's data - and auditors see only the items you've explicitly released, never a draft.
• A complete audit trail - every assignment, status change, upload, reminder, review, and release is logged with who and when.
• A hard human-in-the-loop gate - the tool chases and organizes, but a real person (your controller) must review each item; nothing is ever auto-released to the auditor.
• Duplicate guards so the same PBC item reference can't be imported or tracked twice.
• Files in secure Storage with RLS - documents live behind access rules, served only to people allowed to see that item.

Who it's for

Controllers, assistant controllers, accounting managers, and the ops/BPM folks who run point on the annual audit or review - anyone tired of being the human switchboard between the audit team and a dozen document owners. You don't need to write code. You need your PBC list, the documents your owners will upload, and an afternoon-to-a-weekend.

You've got this - paste the first prompt and let the agent interview you.