Skip to main content
All CollectionsControls
Exporting your control mapping
Exporting your control mapping

Download your control and requirement mapping for distribution

Updated over a week ago

Often, your auditor or internal team will request a mapping of your controls and requirements. Drata allows you to export them for easy distribution.

BEFORE DIVING IN

Only account administrators or information security lead have access to this section within Drata.

HERE'S HOW

In the upper right corner of your 'Frameworks' page, select the settings icon.

You will then be given the option to download 'Requirements to controls' or 'Controls to requirements'.

  • Requirements to Controls is looking at the data starting with the SOC 2 TSC, so SOC 2-specific data mapped to the controls with a line item for each SOC 2 Requirement, Controls may be listed multiple times in column F.

  • Controls to Requirements is looking at the data starting with the Drata Control Framework controls, so a line item for each control which will be mapped to multiple requirements.

Upon downloading, you will be provided a CSV file including your controls and requirements. Any controls that have been marked as 'Out of Scope' will not be included in the CSV download.

Did this answer your question?