Configuring your Drata Internal Security page is key to fulfill several of the controls within the SOC 2 framework. On this page, you can select the Drata embedded security awareness training to enhance your employees onboarding experience. This training includes modules on phishing, malware awareness, and security policy adherence, ensuring alignment with SOC 2 compliance standards.
BEFORE DIVING IN
Only account administrators have access to this section within Drata.
HERE'S HOW
On the Internal Security page under the Security awareness training section, select either Drata's embedded training or integrate an external training provider based on your organizational needs.
Use Drata's embedded security training.
When employees go through their onboarding within Drata, they will then access the embedded training under the Complete Security Awareness Training task (see below). Your employee will start the training by clicking Begin Training. When your employee completes the training, Security Awareness Training will show completed in their onboarding task list and within the Personnel page. Drata also provides tools for tracking compliance status updates as employees complete their training. Monitoring such statuses ensures adherence to recurring security training cycles, with options to reset or archive records as needed.
Common Questions and Issues
What does a “pending” status mean?
A “pending” status indicates that the user has not completed the ongoing training cycle. Training must be completed per the configured schedule (e.g., annually), and pending personnel remain as such until they fulfill their required modules.
