Skip to main content
All CollectionsSettingsCompany Settings
Company Information Fields FAQs
Company Information Fields FAQs
Updated this week

The Company Info page contains key fields that provide essential information about your organization. Each field serves a specific purpose, including:

  • Provides Context for Auditors and Customers: Information entered in these fields helps stakeholders understand your organization’s identity, commitments, and operations.

  • Satisfies Drata controls: Specific fields are tied to Drata’s Monitoring Tests, helping you satisfy compliance controls.

To update your company information, navigate to: User Account > Settings > Company Info.

Understand the purpose of the Company Info Fields

This section explains each of the field, its purpose, and how it relates to Drata controls.

  • Email Domain: The primary domain used by your company for your website and employee email addresses.

    • Related test: Test 70: SSL/TLS Enforced on Company Website

    • Related control: DCF-55: SSL/TLS Enforced

  • Common Name: The name your company operates under, such as a DBA ("Doing Business As").

    • Important Note: When Drata initially creates your account (tenant), the Common Name field is used to pre-populate the Company Name that appears in policies. If you update this field, the previous policies will not be automatically updated. You can either manually update the policies to reflect what you entered or open a support ticket to update the change for you.

  • Full Legal Name: The official name of your company as recognized in legal documents and authorities.

  • Incorporation / Founding Year: The year your company was legally established.

  • Phone Number: The primary phone number that your company uses to directly receive calls from stakeholders, clients, and partners.

  • Company Description: A high-level summary of your organization, including what you do and the value you provide.

  • Mailing Address: The physical location where your company operates or receives correspondence, packages, and mail.

    • We recommend filling this field out with specific information such as:

      • PO Box (if applicable)

      • Street Name

      • Suite or Apt Number

      • City, State, Postal Code, Country

  • Privacy Policy URL: A public link to your company’s Privacy Policy, which details your company’s confidentiality and privacy commitments to your customers.

    • Related test: Test 84: Privacy Policy Publicly Available

    • Related control: DCF-65: Maintains a Privacy Policy

  • Terms of Use URL: A public link to your company’s publicly available terms of service where you outline your security and availability commitments to your customers.

    • Related test: Test 85: Terms of Service Publicly Available

    • Related control: DCF-66: Maintains a Terms of Service

    • Note: In cases where a Terms of Service is not applicable or not publicly available, you can disable the test and upload a copy of your contract template directly to the control. For more information, please see Terms of Service Guidance: DCF-63 and DCF-66

  • Support/Help URL: A public link where customers can submit questions, report complaints, or disclose security concerns.

    • Related test: Test 11: Contact Information Available to Customers

    • Related control: DCF-8: Disclosure Process for Customers

  • Security/Compliance Email: An email address for customers to report security issues or contact your security/compliance team. This is best positioned at your website, but this can also be indicated in your contracts with your customers. This email may be [email protected] or [email protected].

    • Important note: This email receives notifications from your Trust Center such as requests to access Trust Center documents and reports. We recommend separating this from your generic support email.

  • Sample MSA (Master Service Agreement): This is to show that you have formal agreements in place with customers explaining your commitments to them and what they are responsible for. In lieu of a Master Service Agreement, you can use other contracts such as Terms of Service, Service Agreement, Statement of Work, etc.

    • Related test: Test 83: MSAs Offered to Customers

    • Related control: DCF-64: Commitments Explained to Customers

    • Note: If you have multiple products, you can upload one here and upload the rest directly to DCF-64: Commitments Explained to Customers, under Map External Evidence.

Did this answer your question?