Drata

Often, your auditor or internal team will request a mapping of your controls and requirements. Drata allows you to export them for easy distribution. 

Only account administrators or information security lead have access to this section within Drata.

In the upper right corner of your 'Frameworks' page, select the settings icon. 

You will then be given the option to download 'Requirements to controls' or 'Controls to requirements'. 

Requirements to Controls is looking at the data starting with the SOC 2 TSC, so SOC 2-specific data mapped to the controls with a line item for each SOC 2 Requirement, Controls may be listed multiple times in column F.

Controls to Requirements is looking at the data starting with the Drata Control Framework controls, so a line item for each control which will be mapped to multiple requirements.

- Requirements to Controls is looking at the data starting with the SOC 2 TSC, so SOC 2-specific data mapped to the controls with a line item for each SOC 2 Requirement, Controls may be listed multiple times in column F.
- Controls to Requirements is looking at the data starting with the Drata Control Framework controls, so a line item for each control which will be mapped to multiple requirements.

Upon downloading, you will be provided a CSV file including your controls and requirements. Any controls that have been marked as 'Out of Scope' will not be included in the CSV download.

Download your control and requirement mapping for distribution

Exporting your control mapping

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

BEFORE DIVING IN

HERE'S HOW