Evidence Management

One place to manage all your security audit evidence

Create an inventory of all automated & manual evidence, ensure each evidence is assigned, kept current, and linked to your compliance objectives.

/_next/static/media/svg-horizontal.85e8651f.svg
/_next/static/media/svg-horizontal.85e8651f.svg
Evidence.svg

Continuous collection

Real-time collection of admin users, MFA status, user permissions, and security best practices from over 25 systems.

Evidence.svg

Automatic gap identification

Automatic control testing to ensure controls are healthy and gaps are remediated in time.

Evidence.svg

Keep it current

Set recurring schedules for manual evidence and let the system track, alert, and remind to ensure timely collection.

Evidence.svg

Assign & track ownerships

Assign evidence to , owner, contributors or teams to track and delegate ownerships.

Evidence.svg

Automatically link to audits

Keep evidence centrally mapped to framework objectives for automated audit submissions

Evidence.svg

Link to JIRA / ticketing systems

Manage evidence centrally by linking ControlMap evidence to JIRA issues or tickets in other ticketing systems.

Evidence collected

Cloud systems

Connect to AWS, Azure or GCP to ensure compliance and automatically collect evidence for your audits,

/_next/static/media/svg-horizontal.85e8651f.svg
connect.svg

Who has access?

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.

connect.svg

Is MFA Enabled?

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.

connect.svg

Data at rest is encrypted

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.


connect.svg

Are backups enabled?

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.

connect.svg

Is monitoring enabled ?

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.

connect.svg

Security best practices enabled?

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.

Evidence collected

Identity Provider & HR systems

Connect to over 25 people system including Azure AD, Okta, Bamboo HR, ADP, etc to populate employee sets

/_next/static/media/svg-horizontal.85e8651f.svg
connect.svg

Populate employee sets

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.

connect.svg

Track offboarding

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.

connect.svg

Awareness training completed?

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.


Evidence collected

Asset & Endpoint Management System

Automatically create an inventory of endpoints and other employee devices from MS Intune, JAMF etc

/_next/static/media/svg-horizontal.85e8651f.svg
assets.svg

Endpoint / Laptop inventory

Connect to endpoint management systems to automatically inventory endpoints in ControlMap

malware.svg

Compliance status

Automatically collect evidence of anti-virus protection being enabled, disk protection etc from end point management systems

ownerships.svg

Asset ownership / status

Connect assets to employee-owners in the system to track orphan assets

Evidence collected

Source control systems

Connect to Github, Bitbucket, or Microsoft DevOps to automatically collect evidence from your source control systems

/_next/static/media/svg-horizontal.85e8651f.svg
access.svg

Who has access?

Gather evidence of who has access and what is the level of access to your source code repositories.

mfa.svg

MFA and role based access enabled

Ensure that privileged users have MFA enabled and individual user access is disabled

best-practices-protection.svg

Branch protection checks

Automatic best practices checks such as 'Branch Protection' is enabled for main source code branches.


Evidence collected

Ticketing systems

Connect to JIRA, Connectwise or other ticketing system to share work status between ControlMap

/_next/static/media/svg-horizontal.85e8651f.svg
connect.svg

Sync tickets

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.

connect.svg

Ingest tickets as evidence

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.

connect.svg

Assign from ControlMap

Is all the coordination for evidence collection slowing your compliance program? Automate all grunt work and expand your compliance.


Simplify evidence management

Book your demo
/_next/static/media/svg-horizontal.85e8651f.svg