Skip to main content

Policy Center: Link your policies to your controls

Updated over a week ago

HERE'S WHY

Drata allows you to link your policies to specific controls across supported frameworks. This ensures that your documentation aligns with compliance requirements and allows Drata’s automated tests to verify that the appropriate policies are in place.

Who Can Link Policies?

You can link policies to controls if you have one of the following roles in Drata:

  • Admin

  • Information Security Lead

  • Policy Manager

Important Notes About Workspace Behavior

If your account uses workspaces:

  • You cannot link policies to controls from the Policy Center.

  • You must link them from the Controls page, where workspace context is available.

View Linked Controls

To view which frameworks and controls are already linked to a policy:

  1. Go to the Policy Center.

  2. Select a policy.

  3. Open the Overview tab.

  4. Under the Details section, view the Linked Controls and Frameworks section.

    • If you are not using workspaces, you can also edit control and framework mappings directly from this section.

Link a Policy to Controls (Controls Page)

Control Approval Reminder:

If you link a policy to a control that is already in Approved status and requires approvals, the control’s review status will automatically revert to Prepare for Approvers. The control owners will be notified for re-approval. Learn more at Required approvals.

Note for workspace-enabled accounts:
If your account uses workspaces, this is the supported method for linking policies to controls. You will not be able to link policies from the Policy Center.

If your account uses workspaces, this is the only available method for linking.

  1. Go to the Controls page.

  2. Select a control to open the drawer on the right.

  3. Scroll to the Policies section.

  4. Click Add.

  5. In the modal, select one or more policies you’d like to link.

    • (Optional) To create a new policy during this step, click Create a New Policy in the top right of the modal.

  6. Click Save.

Auto-Mapped Policies

Drata's templated policies have been automatically mapped to the applicable controls. You can unlink a pre-mapped (or any) policy at any time.

Did this answer your question?