In my ISO 27001 audit, the auditor had the following finding:
Reviewed 05-isms-procedure-for-the-control-of-documented-information and policies management by Vanta. It was observed that documents don't have the labeling when exported from the portal based on the classification policy. Hence, this is considered an Opportunity for Improvement.
I am sure that I can do ensure this happens by creating my own PDFs and ensuring the footer is on before I upload them. But, that's a lot of hassle and it seems like some future functionality could easily handle that within Vanta. I am hoping others can tell me what tips and tricks they do to make this happen.
In confluence, where I was planning to store our files and sync them to Vanta, I have updated the space to have a confidential footer on every page and on all PDF exports. But, that's not pulled into Vanta with the sync functionality.
In the policy editor in Vanta, is there a way to have a footer like this on all pages?
Also, I have the trust report and, while I can do a watermark on the doc and have people sign an NDA, it doesn't seem like there's any way to note which docs are confidential (on every page like the watermark).
curious how others have solved this problem? I have reached out to support and they are checking but are unsure of any features that help with this at present.