Skip to main content
All CollectionsPersonnel
Personnel Overview
Personnel Overview

This article goes over all the personnel section functionalities.

Updated over 3 months ago

The Personnel page offers a centralized location to view the compliance status of all employees and follow up with them as needed.

Prerequisites

  • Access to the Personnel page is restricted to Drata's Admins, information security leads, workspace managers, and personnel compliance managers.

  • Personnel data can be sourced from IDP, HRIS, or manually entered (for former personnel).

Filter personnel table

You can filter the personnel table using the following categories:

  1. Compliance: Filter by compliance status. For example, to display personnel who did not complete their security training, select Security Training.

  2. Filter by Sync Status: Filter based on whether the personnel was found through your HRIS or IDP connection.

  3. Filter by Status: Filter by the employment status of personnel.

  4. Filter by Group: Filter by personnel group. If you did not enable groups in your IDP, you cannot filter by groups. Learn more about group based policies.

To reset your filters, you can select All Current at the top left of the table.

You can also search for a specific person by name or by job title using the search box in the upper right hand corner.

Personnel table details

Each column is sortable, allowing you to order personnel based on compliance and non-compliance. You have two options for the table view: Summary or Detailed.

  • Summary: Provides a general overview.

  • Detailed: Includes all columns from the Summary view with additional columns.

Both the Summary and Detailed views include the following details:

  • Contact Info: Names, emails, and job titles. Job titles are sourced from HRIS or IDP connections, with HRIS connection being the primary source if both are connected.

  • Currently Compliant?: Indicates compliance status with green checks for compliant personnel and red mail icons for non-compliant personnel.

  • Status: Manually change personnel status to current employee, former employee, current contractor, former contractor, or out-of-scope account.

    • Currently, if you make a manual change, it disables the ability for the IDP and HRIS to sync and update that particular field.

    • To resume syncing, reset the manual changes. Learn more at Reset manual changes to a personnel record.

  • Acknowledged Policies: Shows a green check if the personnel acknowledged all policies, otherwise it will showcase a red “x”.

  • Identity MFA: Indicates if the personnel has activated MFA on the identity provider with a green check otherwise a red “x”.

  • BG Check: Shows background check status with green checks for completed, a red “x” for not completed, or a gray person icon for personnel with exclusions.

  • Security Training: Displays a green check if the personnel completed all assigned security training, otherwise a red “x".

  • HIPAA Training: Shows a green check for if personnel completed HIPAA training, otherwise a red “x”.

The Detailed additionally includes:

  • Drata Agent Installed: Indicates if personnel have installed the Drata Agent with a green shield.

  • Password Manager: Indicates if the Drata Agent identifies a password manager on the personnel's computer with a green check.

  • Auto Updates: Indicates if personnel have enabled auto updates with a green check.

  • Disk Encrypted: Indicates if the Drata Agent confirms personnel have their disk encrypted with a green check.

  • Anti-Virus: Indicates if the Drata Agent detects anti-virus software on the personnel's computer with a green check.

  • Lock Screen: Indicates if the screen lock is configured with a green check.

  • OS Version: Records the operating system installed on the employee’s computer.

  • Workstation Serial #: Lists the computer's serial number.

  • Apps: Reports the number of apps on the employee’s device.

  • Hire Date: Edit and view the hire date, which is pulled from either the IDP or HRIS (HRIS is the default if connected). If only an IDP is connected, the record creation date is used as the Drata Hire Date.

  • Separation Date: Edit and view the date a personnel leaves or is let go. If only an IDP is connected, the record suspension or deletion date is used as the Drata Separation Date.

    • To edit the hire and separation date, select the date directly.

    • Manually editing the hire and separation dates can blocks subsequent IDP and HRIS syncs on this personnel record. To reenable this sync, refer to Reset manual changes to a personnel record.

Personnel detail

Select the personnel row to open a drawer which contains more details. You can view the following information or perform the following action on the Personnel Detail drawer:

  • The last time a check was performed.

  • Upload or add the requirements such as adding background check link and when the background check was last conducted for Background Check.

  • View or upload evidence for the security training and MFA.

Download

You can either download Compliance overview CSV or Policy acknowledgement overview CSV for all or filtered personnel.

  • Compliance overview: Contains compliance check details as shown in the table on Personnel page with Detailed view and will also include custom fields if applicable and related with the personnel.

  • Policy acknowledgement: Contains a detailed breakdown of your personnel’s policy acceptance posture, including overall summary statuses and a breakdown of status on each active and assigned policy.

Perform actions on individuals or in bulk

Select the Actions button to perform various tasks for personnel. The available actions change based on whether individuals are selected.

The following actions are available when there are no individuals selected.

  • Add Former Personnel: Add and enter the details of former personnel for tracking purposes and for linking to other accounts (for example, infrastructure accounts to show an audit trail for access control).

  • Resync Personnel: Force a sync with IdP and HRIS connections to update personnel details.

These actions are available whether or not individuals are selected. If individuals are selected, the actions will apply only to them. If no individuals are selected, the actions will apply to all personnel.

  • Reset Security Training: Allows you to reset completed security training requirements.

  • Re-enable IdP/HRIS Sync: Re-enable IdP or HRIS sync to update your personnel details.

  • Reset HIPAA Training: If you have purchased the HIPAA framework, you reset completed HIPAA training requirements.

  • Reset AI Awareness Training: If you have purchased NIST AI framework, you can reset completed AI Awareness training requirements.

The following actions are available when are individuals selected.

  • Send reminder: Send a reminder email about outstanding compliance requirements to the selected individuals.

  • Change employment status: Update selected individual's employee status, hire and separation dates.

  • Attach evidence: Upload a compliance requirement (such as MFA, Security Training, Background check) for selected individuals.

  • Create exclusion: Create compliance check exclusion for selected individuals.

    • For example, you can set up a group in your identity provider with all people that should be excluded from background check. Once that group is set up, you can use the personnel filter to select all the personnel in that group and perform the background exclusion.

    • When a personnel is excluded from background check, the check icon (will be displayed for that person.

Did this answer your question?