Managing your security compliance can require coordination and collaboration with other members of your organization. Drata makes this easier by integrating with the tools you already use on a daily basis, including Jira. By configuring ticket automation rules in Drata, you can have tickets automatically opened for key control and test events.

When Jira is connected, you have the option to grant ‘Write Access’ to Drata. This allows you to create Jira tasks associated to a specific Control, Test, or Risk (in risk management) directly from Drata.

You can enable 'Write Access' either when first setting up the connection or by editing the connection after the fact. If you enable it after the connection was established, you will NOT be required to re-establish the connection.

NOTE 1: While you can connect multiple Jira accounts in Drata, 'Write Access' can only be enabled for one connection.

NOTE 2: You must be logged into the Jira connection you are editing to be able to make changes.

NOTE 3: If you are not able to create a ticket or to enable/disable 'Write Access', you might not be logged into the correlating Jira account.

NOTE 4: If you ever see any inconsistencies between your company’s Jira board and Drata, please refresh Drata to see the updated information.

When ‘Write Access’ is enabled you are able to select which workspaces the automation rule can apply to as the first step, if you have more than one workspace. Otherwise your automation rules will apply only to your primary workspace and you will NOT have the ability to select a workspace in Step 1.

In the next step, you are able to create ticket automation rules for three events:

NOTE: Once a rule is saved, the event type cannot be changed. If you wish to change the event type, delete that rule and create a new one.

You can also add scope specification to narrow down the controls or tests that you want the rule to apply to.

For controls you can specify by:

For tests you can specify by:

After specifying the event and scope, you will select a Jira project and Ticket type. Then enter the relevant ticket details. This includes entering values for all required fields on that Jira ticket type.

NOTE 1: Drata automatically determine the Jira “Summary” and “Description” more on that below.

NOTE 2: Required fields are configurable within Jira by an administrator.

NOTE 3: Some uncommon field types, such as “Radio Buttons,” are not supported. If your ticket type requires a field with an unsupported type you will need to remove it from the required fields within Jira or request support for that field type from Drata.

NOTE 4: If you connect Jira in multiple workspaces, you will be able to create ticket rules in each workspace, but the Ticket Automation will only execute with the data of the primary workspace.

Finally, you will need to give your new rule a name so you can easily identify it within the rules list.

Ticket automation rules run overnight and create tickets for all matching events where an automated ticket has not previously been created. Below are examples of the “Summary” and “Description” values Drata automatically populates for each ticket.

A test result is “Failed”:

A Control’s readiness result is 'Not Ready':

You can edit and delete ticket automation rules from the ticket automation rule list. You’ll also be able to select which workspace the rule applies to, when editing.

NOTE: Once a rule is saved, the event type cannot be changed. If you wish to change the event type, delete that rule and create a new one.