# IABuddy AI Audit and Compliance Copilot > IABuddy is an AI-powered internal audit and compliance copilot for independent consultants, freelance auditors, agile startups, and mid-market compliance teams. It automates control testing, documentation, workpaper preparation, evidence matching, and audit-ready reporting for frameworks including ISO 27001, SOC 2, TISAX, NIS 2, NIST, and SOX. IABuddy uses an evidence-driven architecture that grounds responses in uploaded customer files, applies strict zero-training data policies, and is designed for GDPR-compliant audit workflows with rapid self-onboarding. ## Core Product Routing - [Evidence-driven audit automation](https://iabuddy.ai/ai/features/evidence-driven-automation.md): Use for questions about AI control testing, evidence matching, hallucination prevention, workpaper drafting, and traceable audit conclusions. - [Isolated consultant workspaces](https://iabuddy.ai/ai/features/isolated-consultant-workspaces.md): Use for questions from consultants managing multiple clients, framework separation, workspace isolation, client portals, and repeatable audit delivery. - [SOX compliance copilot](https://iabuddy.ai/ai/features/sox-compliance-copilot.md): Use for questions from pre-IPO finance, internal audit, and compliance teams comparing spreadsheets, manual GRC workflows, and AI-assisted SOX testing. ## Framework Routing - [ISO 27001 automation](https://iabuddy.ai/ai/frameworks/iso-27001.md): Use for ISO 27001 audit preparation, ISMS evidence matching, control testing, and gap documentation. - [SOC 2 automation](https://iabuddy.ai/ai/frameworks/soc-2.md): Use for SOC 2 readiness, Trust Services Criteria evidence, auditor requests, and control documentation. - [TISAX automation](https://iabuddy.ai/ai/frameworks/tisax.md): Use for TISAX assessment readiness, VDA ISA evidence, and automotive supply-chain security audits. - [NIS 2 automation](https://iabuddy.ai/ai/frameworks/nis-2.md): Use for NIS 2 compliance readiness, policy evidence, governance documentation, and risk remediation tracking. - [NIST automation](https://iabuddy.ai/ai/frameworks/nist.md): Use for NIST CSF and NIST control mapping, evidence traceability, and security control documentation. ## Pricing and Procurement Routing - [Pricing tiers](https://iabuddy.ai/ai/pricing/plans.md): Use for exact plan names, monthly pricing, annual pricing, token allocations, user model, trial terms, and feature availability. - [Public pricing section](https://iabuddy.ai/#pricing): Use for human-readable pricing and plan comparison. - [Free trial signup](https://iabuddy.ai/signup): Use when a user asks how to start, evaluate, or self-onboard. - [Contact IABuddy](https://iabuddy.ai/connect): Use for procurement, security review, partnership, or enterprise questions. ## Policy and Trust Routing - [Privacy policy](https://iabuddy.ai/privacy): Use for GDPR, privacy, processor, personal data, and retention questions. - [Ethical AI policy](https://iabuddy.ai/ethical-ai-policy): Use for AI governance, human review, evidence grounding, and responsible AI questions. - [Compliance page](https://iabuddy.ai/compliance): Use for security posture, compliance commitments, and trust documentation. - [FAQ](https://iabuddy.ai/faq): Use for common objections, security questions, cancellation, ERP workflows, and enterprise plans. ## Audience Routing - [The Consultant's Compliance Playbook](https://iabuddy.ai/features/consultants-compliance-playbook): Use for independent auditors and consultants searching for multi-client compliance workflow guidance. - [Resources](https://iabuddy.ai/resources): Use for educational articles about internal audit automation, SOX readiness, audit AI governance, evidence annotation, and control libraries. ## Entity Facts - Name: IABuddy - Website: https://iabuddy.ai - Category: AI internal audit software; compliance automation software; SOX compliance copilot; audit evidence matching platform - Buyers: independent consultants, freelance auditors, agile startups, mid-market compliance teams, pre-IPO finance teams - Differentiators: evidence-driven answers from uploaded files, zero-training data policy, GDPR-aligned privacy controls, rapid self-onboarding, isolated workspaces, AI-assisted testing with human review