💡 Still using the classic Drata experience? Refer to Company Information Fields FAQs for the original UI.
The Organization details page allows you to manage your company’s core information in Drata, including audit-facing details, compliance URLs, and your Account ID.
This information is used across Drata to represent your organization in policies, compliance documentation, and automated evidence collection.
Several fields on this page are tied directly to automated tests and audit evidence, so updates should be made carefully and only by authorized users.
Prerequisites
To edit Organization details, you must have the Admin role.
Admins can view and update all organization settings
Other users may be able to view limited organization information but cannot make changes
Access Organization details
To open the Organization details page:
Select Settings
Under Organization, select Organization details
Confirm you are on the Org info tab
Organization information
These fields describe your organization’s identity and legal context.
Field | Description | Audit relevance |
Email domain | Primary domain used for company email and website. | Used by monitoring tests (for example, SSL/TLS enforced on company website) to determine which domain to inspect. |
Full legal name (optional) | Official legal entity name of your organization. | Referenced in contracts, policies, and audit documentation. |
Common name | Public-facing or “doing business as” (DBA) name. | Used to pre-populate the company name in Drata policy templates. Changing this later does not automatically update existing policies. |
Incorporation / founding year | Year the organization was established. | Provides organizational context in audit packages and reviews. |
Phone number | Primary business contact number. | Used for customer and auditor contact where a phone number is required. |
Company description | High-level summary of what your organization does. | Helps auditors and customers understand your business; can be used in audit package contexts. |
Company address | Mailing or operating address. | Used in legal and audit documentation where a physical address is required. |
Account ID | Unique identifier for your Drata account. | Read-only; used by Drata Support and internal tooling to identify your tenant. |
SafeBase Organization ID | Identifier used for SafeBase / Trust Center integration. | Read-only; links your Drata tenant to your Trust Center instance. |
Data residency location | Region where your Drata data is hosted. | Read-only; used to demonstrate where customer data is stored for compliance and contractual needs. |
Important:
If you update your Common name, Drata does not automatically update existing policies. To reflect the new name in policies, you must:
Manually update each policy, or
Contact Drata Support for assistance applying the change across templates.
Compliance and public URLs
These fields support customer transparency and automated compliance tests.
Field | Purpose | Related test / control behavior |
Privacy policy URL | Link to your public privacy policy describing confidentiality and privacy commitments. | Used by Test 84: Privacy Policy Publicly Available to confirm a public privacy policy exists. |
Terms of use URL (optional) | Link to your public terms of service/terms of use. | Used by Test 85: Terms of Service Publicly Available to confirm a public terms of use exists. |
Support / Help URL | Link to a support, help, or contact page for customers. | Used by Test 11: Contact Information Available to Customers to verify customers can reach you. |
Security / Compliance email | Dedicated inbox for security or compliance inquiries | Recommended to keep separate from a general support email. |
Note:
If your Terms of Use/Terms of Service are not publicly available (for example, contract-only), you can:
Disable the related monitoring test, and
Upload your standard contract or MSA directly to the mapped control instead.