1. Vanta
  2. Continuous Compliance
  3. Policies

Policies

Creating Custom Frameworks

  • Updated

With Vanta, users can create custom frameworks and leverage Vanta's library of tests and evidence for your organization's security program.  If you think this premium solution would benefit your company, contact your Account Executive or support@vanta.com for more information! 

 

Creating a Custom Framework

  • From the left-hand navigation panel, select Frameworks
  • The Frameworks page will showcase current progress for frameworks your organization is adhering to and provide additional information for Vanta's available frameworks
  • From the Frameworks page, select + Add a Framework

Screen_Shot_2023-01-24_at_1.35.14_PM.png

  • Complete the information from the pop-up modal
  • When uploading files, keep the following information in mind:
    • The column names must be in the format of Section ID, Section Name, Section Description, Parent Section ID, and Control IDs

The column values are validated against the following:

  • Section ID: must be non-empty and unique
  • Section Name: must be non-empty and unique
  • Section Description: no restrictions
  • Parent Section ID: Must point to another section ID
  • Control IDs: The IDs of the custom controls to list under this section
  • Section Type: Mark any parent sections explicitly as parents by filling in p. Rows left blank will be auto-populated as c and be considered child sections
    • Parent sections cannot have control ids mapped to them or parent sections of their own
    • For a custom framework upload to have a parent layer, at least one section must be marked as a parent during upload. Otherwise, it will turn into a custom framework with only child sections and no parent sections
    • In a Framework with a Parent section, all child sections must have a parent section mapped to them

 

  • Capitalization differences are allowed
  • No extra white space is permitted
  • All columns are required, but Section Description, Parent Section ID, and Control IDs can be empty. Controls can be mapped to sections later on manually

 

  • Once the information has been completed, select Next

Screen_Shot_2023-01-24_at_1.39.30_PM.png

  • From here, you will be asked to preview the Framework.
  • Select Import

Screen_Shot_2023-01-26_at_11.19.55_AM.png

  • The new custom framework will now be a tile available for viewing, editing, and monitoring from the Frameworks page

 

Adding Additional Custom Controls 

  • Find the custom frame you want to edit from the Frameworks page and select View Details. 

Screen_Shot_2023-01-26_at_11.25.18_AM.png

  • Select +Add control 

Screen_Shot_2023-01-26_at_11.27.01_AM.png

  • Choose from the custom controls you want to add to your custom framework. 
  • For every control, you must select the control and then select add. 

Removing a Control from a Custom Framework

  • From the Framework, select View "x" Controls

Screen_Shot_2023-01-26_at_11.29.57_AM.png

  • Select the three dots, and choose to delete

Screen_Shot_2023-01-26_at_12.10.21_PM.png

Was this article helpful?

Have more questions? Submit a request