Skip to main content

Manage Tasks in Drata

Manage compliance-related tasks in Drata with ease—track, complete, and get notified about automated and custom tasks in one place.

Updated this week

Staying ahead of tasks is critical to maintaining your compliance posture. Use Drata’s Tasks page to track, create, and manage upcoming or recurring tasks based on renewal dates, reminders, or events such as evidence reviews, policy updates, vendor management, or risk-related activities.

Prerequisite

To verify who has access to this page, refer to Role Administration & RBAC.

Task Overview

Tasks help you manage upcoming items to proactively stay on top of your compliance posture. You can also create custom tasks to suit your specific needs.

How Tasks Are Organized

Tasks appear in a monthly timeline, grouped by both month and task type. This timeline gives you a high-level view of upcoming and overdue items.

  • When a month includes overdue tasks, the task count for that month is highlighted in red.

  • You can select any month to view detailed tasks categorized by type.

Task Types

Drata supports both automated and custom tasks:

  • Policy Renewals (automated)

  • Control Approvals (automated)

  • Evidence Renewals (automated)

  • Vendors Reminders (automated)

  • General

  • Controls

  • Risk Management

Manage tasks

Use filters to organize your tasks by type, owner, or timeframe (month and year). This helps you quickly find the tasks you need to manage.

View and Take Action on Tasks

Once you've located the task:

  1. Expand the task to view further details.

  2. Select Review to go to the related section in Drata where you can complete the task.

    • For example, selecting a task for the Vulnerability Mismanagement Policy takes you directly to the Policy Center page.

Task and Timeline Updates

When you update a task’s renewal or reminder date, the task is automatically moved to the corresponding month on the timeline.

For automated tasks, you can select Review to update the date (such as a policy's renewal date). The tasks are complete and no further action is required.

For custom tasks, you can manually:

  • Mark the task as complete or incomplete

  • Edit the task to:

    • Update its details, owner, or due date

    • Set the task to be recurring

    • Map the task to different controls or risks

    • Delete the task

Risk and Control tasks

You can map a task to a risk or a control in two ways:

  • From the Tasks page: During task creation, choose to map the task to a risk or a control.

  • From the Risk Management or Controls page: While viewing a specific item, go to the Tasks section and create a task. The task will automatically be mapped to the selected risk or control.

When creating a task, you can:

  • Add a title and description

  • Assign a task owner

  • Set a due date

  • Make the task recurring (optional).

Control Tasks

Control tasks are created when you map a task to a control. When you select Review, you're redirected to the Controls page to complete the task.

Risk Tasks

Risk tasks are created when you map a task to a risk. Selecting Review takes you to the Risk Management page, where you can complete the task.

Note: The Risk Management feature includes the role: Risk Manager.

  • Risk Managers can view a filtered timeline on the Tasks page showing only risk-related tasks.

  • Information Security Leads do not see risk tasks, as they do not have access to the Risk Management tool.

Task email notifications

Drata sends task-related email notifications to help you stay informed and take timely action.

Monthly Task Reminder

If you have tasks assigned for the upcoming month, you’ll receive a reminder email on the 15th of the current month. You won’t receive this email if:

  • You have no tasks assigned for the upcoming month.

  • All tasks assigned for the upcoming month are already complete.

  • Only recurring tasks are due next month.

You can manage this notification in your notification settings. Depending on your role, you may not have access to the Notifications settings page.

To manage monthly reminders:

  1. Select your user account to go to the Settings page.

  2. Under My Settings, select Notifications.

  3. Enable Monthly reminder for upcoming tasks.

Required Task Email Notifications

Note: These notifications can’t be turned off.

You’ll automatically receive an email when:

  • A task is created and assigned to you

  • A task assigned to you is edited

  • A task assigned to you is deleted

Tasks and Workspaces

If the Workspaces feature is enabled in your account, there are a few important things to know about how tasks function across environments.

Workspace-Specific Tasks

  • Tasks are workspace-specific. This applies to both automated and custom tasks.

  • Manually uploaded evidence or reports are tied to the workspace in which they were added.

  • Tasks created within a workspace will only appear in that workspace’s task timeline.

  • However, policies and vendors are company-wide objects, so related tasks will appear across all workspaces.

Role-Based Visibility
Only users with the Workspace Manager role can view, create, and filter tasks within their assigned workspace.

Risk Management Tasks

The Risk Management tool is limited to the primary workspace. As a result, risk tasks can only be created and managed within the primary workspace.

Feedback about task management

We are always looking for feedback on how we can improve! If you have feedback on how tasks can better serve your workflow, please let us know. Select on the question mark icon in the upper right corner of Drata and select Roadmap, ideas, and releases to give us feedback directly.

Did this answer your question?