Skip to main content
Download-Only Audit Experience
Updated over a week ago

BEFORE DIVING IN

This feature can be accessed by account administrators and information security leads.

HERE’S WHY

This feature was created for people who plan to conduct their audit outside of Drata, but still want to use Drata’s downloads available in Audit Hub. This feature allows the customer to create an audit in Drata and select their own samples, without relying on an auditor to select these samples for them.

HERE’S HOW

When you click “create audit” in Audit Hub, you’ll now see two options; you can either opt to conduct the audit in Drata, or you can elect to just select the option that gives you the audit downloads. Selecting the first option will lead you to create a collaborative audit that you can invite an auditor to participate in. The second option will give you complete control over your audit samples for the purposes of the audit downloads.

Next, fill out your audit details. Select the framework you’ll be audited on, as well as the period you’ll be audited for.

After that, select your audit samples. This step is where you’ll need to collaborate with your auditor, as this is usually selected by your auditor. The audit sample dates must be dates within the audit period you selected on the previous step. The audit sample dates also dictate which personnel you can select within the personnel selection fields on this step. You can always edit these details after the audit is created.

Finally, you’ll review all your selections before creating the audit.

Once the audit is created, you’ll notice that it is very similar to an audit that is conducted through Drata in collaboration with your auditor.

💡 Sometimes the audit package and control evidence take a little while to download, as they contain a lot of information. Feel free to go about your work while it’s generating; we will send the person who created the audit an email once the downloads are generated and ready to be downloaded.

You can update your audit sample and audit details at any time. The only detail that is unable to be changed after creation of the audit is the framework itself.

Did this answer your question?