Automated Evidence via Integrations
When you connect integrations like Microsoft Entra ID, AWS, GCP, or Level.io, Regentra can pull evidence automatically and attach it to the relevant controls.- Microsoft Entra ID
- AWS
- GCP
- Level.io
- MFA enrollment status for all users
- Conditional access policy configurations
- User provisioning and de-provisioning logs
- Group membership and role assignment snapshots
Automated evidence is refreshed on a schedule. Regentra pulls fresh data from connected integrations so your evidence stays current without manual effort.
Manual Evidence Upload
Not everything can be automated. For controls that require human-generated evidence, you can upload files or add links directly.Upload or link
Click Add Evidence and choose:
- Upload file — PDFs, screenshots, spreadsheets, configuration exports, or any relevant document
- Add link — URL to an external dashboard, monitoring tool, or shared document
- Signed policy acknowledgment records
- Meeting minutes from security reviews
- Vendor assessment questionnaires
- Physical security photos
- Training completion certificates
Evidence Attached to Controls
Every piece of evidence in Regentra is attached to one or more controls. This creates a direct audit trail: Framework requirement → Control → Evidence When an auditor asks “How do you satisfy HIPAA § 164.312(a)(1)?”, you can show them the control, its implementation notes, and every piece of evidence supporting it — all in one place. Because controls map across frameworks through the CCF, evidence attached to a shared control counts toward every mapped framework. Upload once, satisfy many.Monitoring Signals and Compliance Status
Some evidence is not a static document but a live signal — an ongoing check that something is still true. Regentra’s monitoring signals track:- MFA enforcement — is MFA still enabled for all users?
- Encryption status — are storage resources still encrypted?
- Logging configuration — are audit logs still being captured?
- Patch compliance — are devices still up to date?
Evidence Expiration and Refresh Cycles
Evidence does not last forever. Auditors expect to see current proof, not year-old screenshots. Regentra manages evidence freshness through:- Expiration dates — set an expiration on any piece of evidence. When it expires, the associated control is flagged for review.
- Automated refresh — evidence from connected integrations is refreshed on a configurable schedule (daily, weekly, or monthly).
- Review reminders — the dashboard highlights controls with stale or expired evidence so your team knows where to focus.