How do I use the JIRA integration as evidence for SOC 2?

Do you have a way of utilizing JIRA integration projects and issues as evidence for SOC2 requirements such as CC1.2?


  • dcpeach
    dcpeach ✭✭✭✭✭
    For the JIRA integration if there are jira_projects and/or jira_issue s that work as evidence for SOC2, then you could map them to the control/requirement that they show compliance for. For example, if you had a jira_project with a displayName of "Privacy & Compliance SOC2 - CC1.2" and jira_issue linked to that, then you might be able to use an informative question/query as evidence for that requirement:
    FIND jira_project WITH displayName="Privacy & Compliance SOC2 - CC1.2" as project 
      THAT has jira_issue as evidence
    RETURN project.displayName, evidence.*
    You can read more about adding Compliance evidence here -

This Month's Leaders