Skip to main content

Archive and restore policies

This article explains when policies can be archived, why some policies can’t be archived, and how to restore archived or replaced policies.

⚠️ Select your experience

The steps depend on your interface version. Select a link to skip to the instructions for your version.

Customers who joined Drata on or after Feb 24, 2026 are automatically on the New Experience.

Instructions for the New Experience ⬇️

Archiving and restoring policies allows you to manage policy lifecycle changes without losing audit history. Drata preserves evidence, mappings, and version history so you can adapt policies while maintaining compliance continuity.

Use archiving to retire policies you no longer need while preserving audit history. You can restore archived or replaced policies at any time if requirements change.

Prerequisites

Some policies can’t be archived if they are required for active compliance workflows or Service Level Agreements (SLAs). Additionally, Drata templated policies in versions cannot be deleted. Attempting to delete such policies will revert them to the previous version.

Policies that can’t be archived

Some Drata-provided policies don’t show an Archive option. This is expected.

Policies may be non-archivable when they:

  • Are tied to active SLAs

  • Are required for automated compliance tracking

  • Serve as baseline templates for acknowledgments, onboarding, or monitoring

Additionally, some policies cannot be deleted due to system constraints or their role in compliance workflows.

Common examples include foundational policies such as:

  • Information Security Policy

  • System Access Control Policy

  • Vulnerability Management Policy

Displays a policy that cannot be archived because it has a SLA

What happens when you archive a policy

When you archive a policy:

  • The policy is removed from active use

  • The policy no longer serves as evidence for mapped controls

  • Any mapped monitoring tests are disabled

  • The policy remains available in archived records for audit history

Archiving does not delete the policy.

Archive a policy

  1. Open Governance → Policies.

  2. Make sure you are on the Active tab.

  3. Select the ellipsis (⋯) next to the policy and choose Archive.

  4. Review the confirmation modal.

  5. Select Archive to confirm.

Policies that need to be archived

If you can’t archive a policy, it’s likely because the policy is required for active compliance or tied to an SLA.

Restore an archived or replaced policy

You can restore policies that were previously archived or replaced. When you restore a policy:

  • The policy becomes active again

  • Previously mapped tests are re-enabled

  • The policy can be used again for acknowledgments and compliance evidence

Restore a policy

  1. Open Governance → Policies.

  2. Open the Archived or replaced tab.

  3. Locate the policy you want to restore.

  4. Select the ellipsis (⋯) and choose Restore.

  5. Review the restore confirmation modal. The modal lists tests that will be re-enabled.

  6. Select Restore to confirm.

Instructions for the Classic Experience ⬇️

HERE'S WHY

Drata's Policy Center includes several policy templated policies as well as the ability to create your own policies. Drata allows you to archive any policies you don’t wish to use, whether templated policies or a policy you created. Understanding when to archive versus delete policies is important for effective policy management.

BEFORE DIVING IN

  • Admins and information security leads will have access to archive policies with Drata.

  • Policies tied to SLAs or critical compliance frameworks often cannot be archived. For instance, core template policies like "System Access Control" or "Vulnerability Management" may remain unarchivable due to their role in automated compliance tracking.

Understanding Non-Archivable Policies in Drata

Some Drata-provided policies—such as the Information Security Policy, System Access Control Policy, and Vulnerability Management Policy—may not display an Archive option. This is because these policies are used as foundational templates within key compliance workflows, including onboarding, acknowledgments, and certain automated monitoring activities.

To prevent disruption to these workflows, Drata restricts archiving when a policy is actively in use or functions as a baseline template for the environment. Administrators may still update, replace, or customize these policies as needed.

Archive a policy

  1. Navigate to the 'Policy Center' and ensure you are on Active Policies tab.

  2. Select the archive icon in the row of the policy you want to archive.

  3. Confirm you decision on the Archive Policy modal.

    1. The modal displays a list of mapped tests that will be disabled if the policy is archived.

    2. Archiving a policy also removes it as evidence from any mapped controls.

  4. Select Archive to accept and archive. If you're unable to archive a policy, it is likely because it is tied to an SLA or is required for active compliance purposes.

Policies can only be archived when they are no longer used in any active workflow, such as acknowledgments, onboarding tasks, or control mappings. Some Drata-provided baseline policies do not offer an archive option and remain available as templates even after a replacement policy is activated.

Restore policy

If you change your mind and want to use a policy you've archived, you can easily restore it. Learn more here.

Related Articles
Configure Policies to Support Compliance Test Completion in Drata
Policy Center Overview
Create a policy
External Policy: Use BambooHR to manage your policies
Map policies to controls in Drata (New Experience)
Did this answer your question?