Create audit finding | Comp AI API

curl --request POST \ --url https://api.trycomp.ai/v1/findings \ --header 'Content-Type: application/json' \ --header 'X-API-Key: <api-key>' \ --data ' { "type": "soc2", "content": "<string>" } '

Authorizations

X-API-Key

string

header

required

API key for authentication

Body

application/json

type

enum<string>

default:soc2

required

Framework this finding is attributed to (must match a framework the organization has enabled)

Available options:

soc2,

iso27001,

pci_dss,

hipaa,

gdpr,

iso9001,

iso42001

content

string

required

Finding content/message

Maximum string length: 5000

taskId

string

Task ID

evidenceSubmissionId

string

Evidence submission ID

evidenceFormType

enum<string>

Evidence form type

Available options:

board-meeting,

it-leadership-meeting,

risk-committee-meeting,

meeting,

access-request,

whistleblower-report,

penetration-test,

rbac-matrix,

infrastructure-inventory,

employee-performance-evaluation,

network-diagram,

tabletop-exercise

policyId

string

Policy ID

vendorId

string

Vendor ID

riskId

string

Risk ID

memberId

string

Member ID (person this finding targets)

deviceId

string

Device ID

area

enum<string>

Broad area when the finding is not tied to a specific item

Available options:

people,

documents,

compliance,

risks,

vendors,

policies,

other

severity

enum<string>

default:medium

Severity

Available options:

low,

medium,

high,

critical

Response

201 - undefined