Does JupiterOne's SOC2 automation have any manual processes?

[Deleted User]
edited February 2022 in Compliance & Reporting
JupiterOne's compliance app is automated but might require initial configuration done manually?


  • Hi,

    Great question. JupiterOne has automated evidence collection prebuilt for SOC2 Security, CIS AWS, CIS Azure, CIS GCP, and HIPAA compliance. If you use our prebuilt security controls, JupiterOne has pre-mapped the evidence collection questions to these standards/benchmarks. 

    These questions will run daily and collect compliance status. You may want to refine or tweak the questions if desired. You will need to manually upload evidence for the security controls that don't have a data source integrated to collect data from.

    JupiterOne allows users to customize automation for any requirement. If you are using a framework not listed above or custom controls, you have to map the evidence to the controls/the controls to the compliance requirements.

    If you use the "Add Evidence" button, you can select from "Add Question" which links a question that will automatically poll for the latest compliance status. You can use link control to link a pre-existing control that has evidence mapped to it already.

    You an also upload or link to manual evidence.

    Hope this helps!

This Month's Leaders