Skip to main content
All CollectionsControlsThe Drata Control Framework
Revert to Drata’s latest control template on any control in the DCF Library
Revert to Drata’s latest control template on any control in the DCF Library
Updated this week

HERE’S WHY

Drata’s GRC team creates and manages all controls in the DCF library. These controls help manage your team’s compliance to multiple frameworks at once. However, there are two ways that the language on your DCF controls could differ from what Drata’s GRC team has published:

  1. Your team has decided that more specific language is needed in order to adequately manage your company’s compliance program, so someone made a manual edit to the control.

  2. Drata’s GRC team has published an update to the DCF control to make it more accurate and align it with updated compliance standards.

With this feature, you will always have access to the most current DCF control language as published by Drata’s GRC team.

BEFORE DIVING IN

This feature can be accessed by users with the following roles:

  1. Admin

  2. Workspace Managers

  3. Infosec Leads

  4. Service Group Users

  5. Guest Admins

HERE’S HOW

Go to any DCF control, and click on the “edit” icon. Once you’re in the “edit” experience, you’ll see the option to “View latest template.”

If your company’s version of the control matches Drata’s current published template, you’ll receive a message that Drata has not detected any changes.

If Drata detects that language in your control differs from the language that our GRC team has published, we will show you how your control would change if you accepted the changes to align with Drata’s template.

You can choose to apply Drata’s template to your controls either on a per field basis, or you can apply them all at once.

On the left side, you’ll see the language that your control currently uses. On the right, you’ll see the language that Drata’s GRC team has published for this control’s template.

In the example shown above, you’ll see that the current control for this company has language in the “Control Activity” field (on the left), however the current DCF control language published by Drata’s GRC team does not contain an activity (on the right). If you chose to apply the changes to this field, the result would be that DCF-11 would have the language in the “Control Activity” field removed.

Also in the example above, you’ll see that the current control for this company has different language in the Control Name field (on the left), than the current DCF template published by Drata's GRC team (on the right). If you chose to apply the changes to this field, the result would be that DCF-11 would change from "Annual Access Control Review" to "Periodic Access Control Review."

It should also be noted that you can apply or reject each field independently, OR apply all changes. Let’s say your “Control Activities” field contains information that is very specific to your organization that you’d like to retain, however you’d like to update the “Control Description” to align with Drata’s latest template. Simply select whether you’d like to apply or reject each field, and hit “Save choices.”

After you have saved your choices, they will be applied to your control, but you will still be in the “edit” experience. Verify your verbiage, and then click “save” on the control to solidify your changes.

We’ve added a new audit event for you to keep track of when you’ve applied these changes. The event is “Drata’s templated control language applied.” This is what the event looks like once it’s produced:

For more information about how Drata creates and maintains the DCF control library, check out this help article.

Did this answer your question?