Skip to main content

Documents Page

S
Written by Shannon DeLange
Updated over 2 weeks ago

The Documents page lists all evidence files required for your audit, including those submitted directly and those attached to document tests from the Monitors page.

Documents may relate to product information, HR, IT, policy, or other areas depending on your chosen framework (e.g., SOC 2, ISO 27001, HIPAA). Each listed item represents a required piece of evidence your auditor will review.

Accessing the Documents Page

  • From the left-hand navigation panel, select Documents.

    • You can also access documents through related tests on the Monitors page. Updates made in either view are automatically reflected in both places.

  • Human resources, information technology, policy, engineering, and risks are preestablished sections of documents needed to obtain specific compliance certifications.

  • Documents will be categorized by sections and also tagged with the compliance name the document will be used for.

  • Each item will showcase the name of the document needed, the owner responsible for the document, and its status.

Screenshot 2025-03-07 at 3.51.10 PM.png

Document Status

  • Need Document: A document test is waiting for an upload. Uploading a file here or through the Monitors page will satisfy the related test.

  • OK: The document test has passed; the uploaded document is current and approved.

  • Needs Update: The document test is failing or overdue because the current file is outdated or expiring soon.

  • Not Relevant: This document does not apply to your company’s compliance scope, and the related test will be marked as excluded.

Searching & Filtering Documents

You can search for documents that have been uploaded using the search bar in the top left-hand corner. Filtering helps you find documents across all frameworks and tests. Filters apply to both documents uploaded directly and those submitted as part of a document test. Documents can also be filtered by:

  • Status: The current status of an uploaded document.

  • Category: The section a document falls under.

  • Frequency: How often is the document expected or needed to be renewed?

  • Standard: The compliance framework the document serves, i.e., SOC2, HIPAA.

  • Priority: Is the document due soon or overdue?

  • Owner: Who is responsible for this document?

Related Articles
Event Log
Audits Page
Managing your Documents
How will your Auditor use Vanta?
Vanta GRC Implementation Guide