PartnerAlly Docs
Settings

Framework Settings

Enable, configure, and manage compliance frameworks.

Framework Settings

Framework settings control which compliance frameworks are active and how they're configured for your organization.

Framework settings require admin access. Contact your organization admin if you don't have access.

Accessing Framework Settings

Go to Settings

Click Settings in the sidebar.

Click "Frameworks"

Opens framework configuration.

Enabled Frameworks

Viewing Enabled Frameworks

See which frameworks are currently active:

  • Framework name and version
  • Enable/disable toggle
  • Configuration status
  • Last analysis date

Available Frameworks

PartnerAlly supports:

FrameworkDescription
SOC 2Trust Service Criteria
ISO 27001Information Security Management
HIPAAHealthcare data protection
GDPREU data protection
PCI DSSPayment card security
AML/BSAAnti-money laundering
NIST CSFCybersecurity framework
SOXFinancial controls

Enabling a Framework

Find the Framework

Locate in the available frameworks list.

Click "Enable"

Toggle or click enable button.

Configure Options

Set framework-specific options.

Confirm

Framework is now active.

What Happens When You Enable

  • Framework controls are loaded
  • Existing documents are re-analyzed
  • New gaps may be identified
  • Framework appears in filters and reports

Disabling a Framework

Before Disabling

Consider:

  • Existing gaps for this framework
  • Active workflows linked to it
  • Reporting and metrics impact
  • Audit implications

Disabling Process

Find the Framework

Locate in enabled frameworks.

Click "Disable"

Toggle or click disable.

Confirm Action

Acknowledge the impact.

Framework Deactivated

Controls are hidden (not deleted).

After Disabling

  • Framework gaps are hidden (not deleted)
  • No new gaps are created for this framework
  • Existing data is preserved
  • Can re-enable anytime

Disabling a framework hides but doesn't delete data. Re-enable to see historical gaps and evidence.

Framework Configuration

SOC 2 Configuration

OptionDescription
Trust Service CriteriaSelect which TSC to include
Points of FocusInclude detailed points of focus
TypeType I or Type II focus

ISO 27001 Configuration

OptionDescription
Version2013 or 2022
Annex A ScopeWhich control domains to include
SoA SupportStatement of Applicability integration

HIPAA Configuration

OptionDescription
Rule FocusPrivacy, Security, or Both
Entity TypeCovered Entity or Business Associate
SafeguardsWhich safeguard categories

Other Frameworks

Each framework has specific configuration options. Review when enabling.

Control Customization

Adding Custom Controls

If your organization has additional requirements:

  1. Open framework settings
  2. Click "Custom Controls"
  3. Add control details
  4. Map to existing controls if applicable

Excluding Controls

Mark controls as not applicable:

  1. Find the control
  2. Click "Not Applicable"
  3. Document the reason
  4. Control excluded from analysis

Control Mapping

Link controls across frameworks:

  • See related controls
  • Identify overlaps
  • Reduce duplicate work

Framework Versions

Version Management

When frameworks update:

  • New version becomes available
  • Existing version continues working
  • Transition at your pace

Upgrading Versions

Review Changes

See what's new in the version.

Plan Transition

Identify impact on your program.

Enable New Version

Activate the new version.

Migrate

Transition gaps and evidence.

Framework Analysis

Triggering Re-Analysis

Re-analyze documents against frameworks:

  1. Go to Framework Settings
  2. Select framework
  3. Click "Re-analyze Documents"
  4. All documents are re-analyzed

Analysis Scope

Control what's analyzed:

  • All documents
  • Documents updated since last analysis
  • Specific document types

Best Practices

Framework Selection

Choose frameworks based on:

  • Customer requirements
  • Regulatory obligations
  • Industry standards
  • Business goals

Phased Enablement

Start with primary frameworks:

  1. Enable most critical first
  2. Build compliance foundation
  3. Add additional frameworks
  4. Manage workload growth

Regular Review

Review framework settings:

  • Quarterly for configuration
  • Annually for relevance
  • When regulations change
  • When business changes

Common Questions

How many frameworks should I enable?

Depends on your needs:

  • Start with 1-3 primary frameworks
  • Add more as capacity allows
  • Quality over quantity

Will enabling more frameworks create more gaps?

Yes. Each framework brings additional controls. More frameworks = more potential gaps initially.

Can I use custom frameworks?

Contact support for custom framework needs. Standard frameworks are available by default.

How do framework updates affect my data?

When frameworks update:

  • Existing data is preserved
  • New controls may create new gaps
  • Transition is managed

Next Steps

Account Settings

Manage your profile, timezone, and personal preferences.

Notification Settings

Configure how and when you receive alerts and notifications.

On this page

Framework SettingsAccessing Framework SettingsGo to SettingsClick "Frameworks"Enabled FrameworksViewing Enabled FrameworksAvailable FrameworksEnabling a FrameworkFind the FrameworkClick "Enable"Configure OptionsConfirmWhat Happens When You EnableDisabling a FrameworkBefore DisablingDisabling ProcessFind the FrameworkClick "Disable"Confirm ActionFramework DeactivatedAfter DisablingFramework ConfigurationSOC 2 ConfigurationISO 27001 ConfigurationHIPAA ConfigurationOther FrameworksControl CustomizationAdding Custom ControlsExcluding ControlsControl MappingFramework VersionsVersion ManagementUpgrading VersionsReview ChangesPlan TransitionEnable New VersionMigrateFramework AnalysisTriggering Re-AnalysisAnalysis ScopeBest PracticesFramework SelectionPhased EnablementRegular ReviewCommon QuestionsHow many frameworks should I enable?Will enabling more frameworks create more gaps?Can I use custom frameworks?How do framework updates affect my data?Next Steps