Please ensure the admin connecting Confluence to Drata has administrative access to the spaces that contain the policy pages in Confluence.

With this integration, customers still need to use Drata to approve policies and personnel will need to log into My Drata to acknowledge them.

When you import a file from Confluence, Drata saves the raw file as well. For compliance purposes, we will keep the document as well as all the policy center data (versions, approvals, and acknowledge)

After syncing a modified file from Confluence, if you refresh or leave the page, you will need to click on “sync file” again. We will only maintain the modified state while you are in the policy builder. Once you take action to revert or update the policy, we will save changes.

At this time, macros are not supported. Content formatted with this approach will not render as expected in the Drata Policy Editor.

With this integration, customers still need to use Drata to approve policies and personnel will need to log into My Drata to acknowledge them.

Only pages in communal spaces can be linked in Drata. Personal pages or those in private spaces will not be options for you to link as a policy.

Draft pages cannot be linked in Drata as a policy. Please publish the page in a communal space.

You cannot edit the externally linked policy content in Drata. Please continue to manage the content in Confluence and changes will be synced in Drata.

If an externally linked policy is deleted in Confluence by a user, you will be prompted to import a new file. The file itself along with all other policy related data will not be affected if this happens.

Importing a file from Confluence will only include the file contents and not any attachments.

In your Connections page, click on Available connections and select the External Policy Management type. Scroll down to Confluence and click on Connect

Follow the instructions in the slide out panel.

Go to Policy Center and click on Import Policy

Fill out the Policy Details

Decide which personnel this policy is assigned to.

Click on Browse Files. Select one file from Confluence you would like to import to Drata. Click on Import

You can replace Drata policies when you import a file from Confluence. Doing this will map any tests or controls to that Drata policy to the Confluence file instead. Click on Select Policies and then select the Drata Policies you’d like to replace.

Once you’ve filled out the policy details, click Save

The file is now available in your Policy center and will be marked as Linked

Note: when you import a policy, you cannot edit the content within Drata. You can only view the content that is in Confluence.

Note: Confluence only allows us to export the file as html via API so some of the formatting may not be preserved when presented in Drata.

Click on the edit icon for a policy. In the Policy Builder, you can update the policy name, renewal date, owner, description, assigned personnel, and the policies that were replaced. If you make changes make sure to Update Policy for those changes to be saved

On a daily basis, Autopilot will check if all externally linked policies still exist in Confluence.

When a user in confluence deletes a file that was linked in your Drata Policy Center, please go to your Policy Center. You can see which policies were deleted.

Please import and associate a new file to the policy that was deleted. Click on the Edit Icon and click on Import New File

Please fill out the details for the new file you are importing.

Note: when you import a file from Confluence, Drata saves the raw file as well. For compliance purposes, we will keep the document as well as all the policy center data (versions, approvals, and acknowledge) even after it was deleted in Confluence.

On a daily basis, Autopilot will check all externally linked policies if there have been any modifications made in Confluence since the last time Drata made a sync for that file.

When a user in Confluence modifies a linked file in your Policy Center, the policy owner will be notified via email that there have been changes made to the policy. Come to the policy center and edit the policy that was modified

Click on Sync to the newest version. This will pull the latest version of the file from Confluence into Drata.

You are still able to edit any of the policy details. To view the modification history, click on View modification history. This will open a new tab in your confluence account comparing the version that was found in Drata with the one synced from Confluence.

While viewing the synced policy, you can decide to revert to the current version in Drata. Click on Revert to version {x}. Doing this will dismiss the file that was synced from Confluence and keep the file that was already in Drata. No changes will be made to the version and this cannot be undone.

After reviewing the changes, you can click on update policy. You will be asked if the changes are material or not. If the changes are material, a new version will be created with the file. This will prompt the policy owner to approve the changes as well.

Once the policy owner approves the version, all the assigned personnel will need to log into My Drata to acknowledge the new version of the policy.

After reviewing the changes, if you update the policy and determine it’s not a material change, the version will stay the same and the owner will not need to approve the new changes. All references to the policy will be updated with the new file (Personnel’s My Drata, Controls, Audit downloads, etc.).

If you make a modification to a file in Confluence and want to sync changes in Drata before Autopilot runs again, edit a policy and click on the Actions and click on sync file

This will allow you to make updates to the linked policy at any time.

As a policy owner you still have the option to delete a version before you’ve approved it.

You can continue to delete versions that are not approved.

The Confluence policy integration only handles the policy content. Policy review, approval, and acknowledgement still occurs in Drata. Assigned personnel can log into My Drata and expand the Review & Acknowledge Company Policies section

Personnel can view the confluence linked policy and acknowledge it.

Relevant tests, controls, and personnel data will be updated accordingly. If the policy is referenced in Drata – in a control or in the Audit package– it will be converted into a pdf when downloaded.