Drata

Many customers have asked how to know which Infrastructure provider to connect to Drata (if you use multiple). We consulted with our auditor partners, and you will want to consider first, where your customer data is stored. Typically SOC 2 only looks at production systems and excludes non-prod environments. 

The exception would be is if the Dev environment is where developers are writing and storing their code, if so you would need to look at that environment for your audit as well to ensure access to source code was locked down.

If you have multiple infrastructure providers, not all may be in scope for your SOC 2 audit

Prioritizing an Infrastructure to connect to Drata

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you