Evidence Library will replace Reports & Docs in Drata

Audit downloads with Evidence Library have been updated: This will only impact items in Evidence Library that are included in any audit download.

External Evidence in controls will be renamed to Miscellaneous evidence. Anything attached here will not be impacted with the release of Evidence Library. You can continue to attach evidence to a control as miscellaneous evidence.

All files in reports and docs will be migrated automatically to Evidence Library with linked controls

Evidence Library is workspace specific – just like reports and docs.

You can only update evidence to create a new version in Evidence Library.

Only the current version of evidence is linked to controls. Version history can be viewed in Evidence Library.

A previous version of evidence cannot be brought back as the current version.

Supported document types for Desktop upload are .pdf, .docx, .odt, .xlsx, .ods, .pptx, .odp, .gif, .jpeg, .jpg, .png, .md, .zip, and .txt. For cloud storage, we support the following extensions: pdf, .docx, .odt, .xlsx, .ods, .pptx, .odp, .gif, .jpeg, .jpg, .png

Maximum file size allowed for zip file is 100MB and 25MB for other formats

Click on Add Evidence in Evidence library

Enter a Name, Description, and Owner for this evidence

To upload a file, select File from the Source dropdown and Attach file.

You can either upload Evidence locally, or select a preferred Cloud file provider to connect your business account with.

When connecting with Google, allow Drata to access 'See your Google Drive labels' to view the labels in Evidence Library. If you do not allow this, the labels are not viewable in Evidence library.

Use Microsoft OneDrive as an example, after clicking Connect, you will log into your preferred work account using the right credentials.

If you have more than one Drive associated with the same account, select the preferred Drive name from Drive dropdown, then click Save.

You will now be able to browse all the Cloud files available from your account directly from Drata.

You can click the search icon to find your files or folders with keywords.

Once you’ve uploaded a file, fill out the Creation date and Renewal date.

You can optionally link this evidence to controls. Select on Link controls to search and multi-select controls you want to link the evidence to.

Linked controls will be shown in the Linked Controls section for the evidence

You can unlink a control by expanding the control tile and clicking the Unlink icon.

Once you click Save, the evidence will be created and linked to the respective controls in Drata.

On the Controls page, select a control to go to the Control Evidence section. Select Add in the Evidence Library section.

Click on Add Evidence.

You can fill out the evidence details, upload a file or URL, and link other controls. When you click “Save”, you will be taken back to the control drawer. Any changes made within the control drawer will also be synced to Evidence Library.

You can view all evidence in your evidence library grouped by Name, Linked controls, Renewal date, and Actions. Evidence that’s approaching its renewal date will have a yellow renewal date. Evidence that’s past its renewal date will have a red renewal date.

You can use the search bar to search for evidence by name or linked control. Click on the evidence to view the details

You can view the details of evidence: The name, description, and owner can be edited at any time.

The Current version of the evidence can be viewed with its associated creation and renewal date. You can view the evidence in a new tab by clicking View

In the Linked Controls section, you can view and edit any linked controls.

You can view the version history of the evidence by expanding the Version history section. The associated creation date and renewal date for all versions will be shown. You can view any past version in a new tab by clicking View

On the Controls page, go to the Control Evidence section of your control. Expand the Evidence Library section. You can see the evidence name with its associated creation and renewal date.

When you click on the evidence name, you can view the evidence details within the control drawer. You can make any edits as well. You can click on “Back to DCF-XX” at any time to go back to the control drawer. If you have made changes, please click on “Save”, which will save changes and take you back to the control drawer. Any changes made within the control drawer will also be synced to Evidence Library.

You can view the evidence in a new tab or unlink the evidence from the control by clicking on the icons.

Click on the evidence in Evidence Library. Click on Update

Upload a new file from your computer. Enter a new creation and renewal date.

You can edit any part of the evidence details as well. Once you’re ready, click Save to sync changes to all linked controls.

You can see the new version you created with all the version history as well.

Only the current version of evidence is linked to the controls. Version history can be viewed in Evidence Library.

If you are migrating evidence from Reports & Docs, you may wish to have multiple files show as versions of one piece of evidence in Evidence Library. To accomplish this:

Click on the evidence you want to delete in Evidence library. Click on the trash icon at the top. Deleting evidence is a permanent action. The evidence will be removed and deleted from all linked controls.