Skip to main content
All CollectionsEvidence Library
Linking Evidence to Controls
Linking Evidence to Controls

In order to demonstrate proof of a control, you will link evidence to that control

Updated over 4 months ago

Note: Workspaces does not support linking policies to controls.

Drata allows you to link evidence directly to a control in order to build a repository for your audit. This eliminates the need for a separate storage place for those controls that do not have continuous monitoring tests in Drata.

BEFORE DIVING IN

Admins, Information security leads, Workspace managers, Control managers, DevOps engineer have access to this section within Drata.

Link miscellaneous evidence

On the Controls page, select a control to access the control drawer. On the control drawer, scroll down to CONTROL EVIDENCE section.

To add miscellaneous evidence, select Add within the Miscellaneous evidence section. A modal will appear. On the modal, there are two tabs: File and URL. If you would like to upload a file, select the File tab and if you would like to enter a URL, select the URL tab.

Uploading a file:

When uploading a file, you can include a name and description, but if you opt not to do so, the file name will be populated as the name of the evidence. You are required to enter a creation date and a renewal date – these dates are used to determine the readiness of a control.

The approved file types include: pdf, docx, odt, xlsx, ods, pptx, odp, gif, jpeg, jpg, png, csv, zip, txt, json, markdown, and md. The file upload max size is 25MB.

Adding a URL:

When adding a URL, you’re required to add a name, creation date, and renewal date. You can optionally enter a description. A .csv file with the URL(s) will be available when downloading external evidence.

Save when you all the information has been entered. Learn more about the controls here.

Update a file or URL

To edit a file or URL, select the edit icon on the evidence you'd like to update. Make any changes you'd like to make and click the save button.

Link a policy from Policy Center

On the Controls page, select a control to access the control drawer. On the control drawer, scroll down to POLICIES section.

To link a policy, select Add within the Link policies within Drata section. A modal will open including all of the policies you currently have in Drata.

To link a policy, check the policies you would like to link and select Save. If you want to create a new policy, select Create a New Policy in the upper right corner of the modal.

Note: Drata's templated policies have been automatically mapped to the applicable controls. You can unlink a pre-mapped (or any) policy at any time.

Did this answer your question?