The Drata Team

June 2023

AUTHOR: The Drata Team

Learn about the latest and newest features and updates every week. You can also visit the Roadmaps and Ideas page on our app to view upcoming releases or request new ideas.

Newest Updates

Asana ticket creation and management

Create and manage Asana tickets through Drata. For more information, go to Create Tickets for Asana.

CCPA frameworks and CPRA

CCPA Framework aligns with the new standards outlined in the California Privacy Rights Act (CPRA). For more information, go to What do I need to know about the updates to the CCPA framework in Drata.

Custom task and ownership

Create and manage custom tasks and receive monthly email notifications about upcoming tasks for your compliance needs. For more information, go to Tasks.

Risk Management - Residual Risk

Calculate the residual score of a risk, based on the customer’s risk tolerance. Residual Risk is the remaining risk score after the risk has been treated, whether it be through mitigating controls or accepting the risk. For more information, go to Risk Management: Residual Risk.

Trust Center

Update header logo and customize header headline for your Trust page in Drata.

Trust Center Essential

Publish your public Trust page with default public URLs to send to your customers. Go to our demo of the experience to learn more.


Audit Hub

Assign auditors when creating new audits.

Compliance dashboard

With the compliance dashboard, you have an overview of alerts, trends, and tasks to see your organization’s risk and compliance posture. For more information, go to Operational Compliance Dashboard.

Event Tracking

Download or copy the raw JSON response as a txt file or directly copy the JSON response. For more information, go to Event Tracking.

RBAC - Guest administrator

Invite a guest administrator with their email. For more information, go to RBAC - Inviting a Guest Administrator.

ISMS Template Update

Added Annex A under Clause 10 to ISMS 2013 and 2022 templates.

JQL for Jira ticking connection

Provided additional instructions and examples in the entry field for JQL to highlight the importance of using parentheses at the beginning and end of the query.


  • Updated Vulnerability Scan test (Test 21), except if you are using AWS inspector. Test 21 now checks if you have a vulnerability scanner connected. If you don’t have a vulnerability scanner connected, the test will be “unused”. As soon as you successfully connect a scanner, the test is enabled and maps to its respective control.

  • Removed the following test: Records of Risk Assessment (Test 19), Remediation Plan Recorded (Test 20), Records of Penetration Testing (Test 22), Architectural Diagram (Test 24), and Annual BCP/DR Test (Test 29).

  • Mapped DCFs to the removed or updated tests: DCF-26, DCF-19, DCF-17, DCF-21, DCF-16, and DCF-18.

    • If a personnel had these controls or removed tests mapped in the Trust Center, it will no longer have a green or orange status indicator.


Add and view security owners and vendor relationship contacts for vendors. For more information, go to Vendor Directory & Profiles.

Powered by LaunchNotes