Quick Start is a guided checklist that walks you through recommended setup activities across Drata. Each activity directs you to the appropriate area of the platform, where you complete the required actions.

Quick Start helps you:

Quick Start is organized into sections, each containing one or more activities. Each activity reflects a best-practice step for getting started with Drata. Below is an overview of the sections in Quick Start and what you’ll accomplish in each section.

Enter key company information that helps auditors and monitoring tests understand your organization and compliance scope.

Select Go to Company Info to be redirected to the Company Info settings, where you complete your organization details.

This information provides organizational context used by controls, monitoring tests, policies, and audit workflows throughout Drata.

Connect the systems Drata uses to automate monitoring and evidence collection. These are one of the first connection types you need to make

Connect your identity provider to automatically sync personnel data, track onboarding and offboarding, and support access controls. This helps ensure personnel-related controls stay accurate over time and allows employees to sign in to Drata using your existing authentication system.

Learn more about Identity providers.

Connect your infrastructure services to automatically collect evidence related to system configuration, data storage, and security settings. This reduces the need to manually upload evidence and helps identify configuration issues that could impact compliance.

Learn more about Infrastructure providers.

Connect your version control system to provide evidence for software development and change management controls. This helps demonstrate how code changes are reviewed, approved, and tracked over time without manual screenshots or uploads.

Learn more about Version control providers.

Connect your ticketing system to automatically create and track remediation tasks when tests fail. This helps teams respond to issues more quickly and provides an audit trail showing how and when compliance gaps were addressed.

Learn more about Ticketing providers.

Prepare your enabled frameworks for ongoing compliance by reviewing requirements, scoping applicability, and understanding mapped controls.

You will assign Drata roles to your team, review framework requirements, and review the control scopes.

Note: You must connect your IdP before you can assign roles in Drata.

In this section, you can invite additional Admins and assign roles to the team members who will help manage Drata. You do not need to assign Drata roles to your entire company, only to those responsible for managing compliance in Drata. This does not apply to end users who only log in to complete onboarding tasks.

Learn more about Drata Roles.

In this section, you are redirected to the Frameworks page. This page displays a card for each framework that has been enabled in your account. Frameworks not yet enabled appear below the active ones. Select Learn More on any unavailable framework to get additional details.

Learn more about Frameworks.

Note: Review your framework requirements first.

In this section, you are redirected to the Control page. This page allows you to review the scope of your controls to understand where you have gaps, assign control owners, view evidence, assign approvers mark controls in and out of scope, filter on monitoring, and create new controls if desired.

Learn more about Controls.

Prepare personnel-related compliance workflows, including syncing personnel data, verifying employment status, and configuring internal security and training settings.

Connecting your HRIS to Drata enables read-only access, allowing Drata to identify which personnel are in scope for your audit period and whose access must be tracked.

Note: Set up your identity provider connection first. Drata uses your identity provider to establish your personnel list. HRIS data is then imported to add employment details and validate that list.

The Personnel page provides a centralized view of compliance status for all personnel and includes tools to manage actions such as resetting security training, sending reminders, and applying exclusions. In this activity, you’ll review the page and have the opportunity to perform some of these tasks.

To learn more about this page and its available actions, refer to the Personnel articles.

Select Set up to open the Internal Security page. This page allows you to define how Drata collects workstation configuration evidence, manage security training, and attach visitor logs.

Connect a background check provider, then open the appropriate settings to define how background checks are required for your personnel.

Select Go to Policy Center to open the Policy Center, where you manage policy creation, approval, and acknowledgements. Policies play a key role in framework readiness and personnel compliance.

Learn more about Policy Center.

You do not need to complete every activity in a single session. You can return to Quick Start at any time and continue where you left off.

Once all required activities are complete, Quick Start will show 100% completion.

After completing Quick Start, you can explore additional Drata features such as:

Quick Start is just the beginning! Drata is designed to support continuous compliance over time.