Skip to main content
All CollectionsPersonnel
Personnel Offboarding
Personnel Offboarding

This article covers evidence cover how to provide evidence for offboarded personnel.

Updated over 5 months ago

You need to provide proof of action for each off-boarded personnel, such as removing access. With this feature, you can automatically import offboarding evidence from Jira or provide it manually.

Note: Offboarding evidence is now a compliance requirement for former personnel in Drata.

Prerequisites

  • Personnel must have a former personnel status to have offboarding evidence linked to them.

  • To link Jira tickets or automate ticket collection as evidence, ensure you have Jira connection enabled.

    • Linking tickets: When a former employee is selected for review during an audit, only closed tickets in Jira, which is determined by the resolution date Jira field, are included in the evidence download, even if the overall status of the ticket is Closed or Completed.

    • Tickets without resolution date: Apply the DrataAccept label to tickets that do not have a resolution date to ensure the tickets are accepted as valid evidence when off-boarding.

      • Team-managed projects do not have the resolution date field exposed on tickets, therefore must have the DrataAccept label in order to be considered as valid evidence.

    • Automated ticket: For automated ticket matching using JQL, you need to specify a project and an issue type (such as, issue type: story). Currently, we do not support custom fields for automated ticket matching; only Jira default fields are supported.

View personnel's offboarding evidence status

  1. Go to Personnel page and select the settings icon (), and then select Detailed view for the table.

  2. View the Offboarding Evidence column to view who has offboarding evidence and not.

Manually upload offboarding evidence for a former personnel

  1. Select the personnel you want to upload evidence for.

  2. On the drawer, select View / Upload Evidence.

  3. Ensure you are on the File tab and upload file(s) for that personnel.

Manually Link Jira Tickets for offboarding evidence

Note: Only closed tickets will show up as evidence in the audit package

  1. Select the personnel you want to upload evidence for.

  2. On the drawer, select View / Upload Evidence.

  3. Ensure you are on the Ticket tab and paste the URL of the Jira ticket into the Ticket UR field and then, select on the link icon ().

    • Multiple tickets can be linked to the same personnel. All linked tickets will be shown underneath the Ticket URL field.

    • To unlink a Jira ticket from offboarding evidence for a personnel, select on the Unlink button on that ticket.

Automatic Evidence Collection with Jira

Note: We use the resolution date to confirm the ticket has been closed. If there is no resolution date on the ticket, this will not be considered as passing evidence.

You can configure Drata to automatically search and identify offboarding Jira tickets that will be linked to their respective personnel in Drata on the Human Resource page.

  1. Navigate to the Settings page. To go to settings, select your username and then Settings.

  2. On the Settings page, select Human Resources.

  3. On the Human Resources page, scroll down to Automate Offboarding Evidence Collection section and toggle this on. Then select Configure to enter the automation rules. By default it is toggled off.

  4. After you select configure, you can enter the JQL from Jira that provides the list of all offboarding related tickets (past and ongoing).

    • JQL specifications:

      • Must specify project and type (such as issue: story).

      • Do not support custom fields (only Jira default fields are supported).

    • Multiple Jira connection:

      • Select which connection you want to collect the evidence from. Automatic collection is supported in a single connection.

  5. You will be prompted to select one or both personnel criteria to match tickets from that JQL search in the previous step. Selecting both means the ticket must contain the personnel’s name and the personnel’s email.

    • When you select a criteria, select which field in the jira ticket we should look for to find that information.

    • For example, if you select Personnel Full Name and you select Title for that field, Drata will first run the JQL search to obtain all the offboarding tickets. It will then parse those tickets to find a match for a former personnel’s name in the title of those tickets. Any ticket(s) with a match will get linked in the offboarding evidence section of Drata’s personnel page.

      Note: If multiple former personnel with the same exact first name and last name are found, all the matched evidence will be linked for all.

  6. Once you select Next, Drata will search through the Jira tickets using the JQL search and use the matching criteria to provide up to 5 examples of Jira tickets that would be linked to a former personnel record in Drata.

  7. Verify the matched the tickets and if satisfied, select Close. If you are not satisfied with the matched tickets, you can go back to previous steps to modify the matching criteria or the JQL in the previous steps and try to obtain a more accurate result. Once ready, select Close.

Within 24 hours, Jira tickets will get linked as evidence to former personnel. You can manually unlink any tickets by going to the personnel page, viewing the offboarding evidence, and select Unlink on a ticket that Drata automatically linked.

Former Personnel Offboarding Test

We have added a new test that checks whether offboarding evidence is available for all former personnel. The test requirement can be met by providing offboarding evidence manually or automatically via Jira or by excluding personnel.


Did this answer your question?
Drata Help Center
© 2024 Drata Inc. All rights reserved.