🔌 Evidence Integrations

Compliance Evidence
Integrations
Tools Become Proof

The tools your clients already run are sitting on the evidence auditors want. Connect them and their data becomes automated compliance evidence — and where there's no API, declare the tool in attest mode.

Connected Evidenceyourclient.com
5
evidence families connected
Awareness training (LMS)AUTOMATED
Backup & recoveryAUTOMATED
Managed EDRAUTOMATED
Incident response (PSA)AUTOMATED
Backup vendor (no API)ATTESTED

The Evidence Already Exists — It’s Just Not in the Report

Your clients run security-awareness training, a backup platform, a PSA, an HRIS, an EDR. Every one of them is generating the exact evidence a framework asks for — training completion, tested restores, incident history — and none of it is in the compliance report.

Connect the tool and SBCMSP turns its live data into automated evidence, citing the real numbers under the control. When a framework asks “do users complete awareness training regularly,” the answer stops being a promise and becomes a citation.

No API for a tool? Declare it in attest mode. That records the control as attested — honestly “declared,” not “automated” — and fills only undocumented gaps. It never overwrites live-API evidence or a human answer.

01Connect for Live Evidence
A connected tool marks its controls automated and cites the live data in the report.
02Attest Mode for the Rest
No API? Declare the tool — recorded as attested, filling only undocumented gaps.
03Precedence You Can Trust
Live-API evidence and human answers are never overwritten by an attest-mode declaration.

Five Kinds of Tooling, One Evidence Trail

Connect what has an API; declare what doesn’t.

LMS
Awareness Training
Training completion + phishing tests
PSA
Incident Response
Ticket history as IR evidence
BAK
Backup & Recovery
Tested restores + retention
HRIS
Personnel Lifecycle
Screening + offboarding
EDR
Managed Detection
Endpoint defense coverage
ATTEST
Attest Mode
Declare a tool with no API

From Tool to Cited Control

Connect it once; the report stays current.

🔗
1. Connect the Tool
Add a client’s awareness-training, backup, PSA, HRIS, or EDR platform under Settings → Integrations.
📊
2. Data Becomes Evidence
The integration’s live data marks its controls automated and cites the real numbers in the report.
📝
3. Attest What Has No API
For a tool without a connection, declare it in attest mode — recorded as attested, filling undocumented gaps only.
🌙
Stays Fresh
A nightly sync refreshes connected evidence, so the report reflects the latest training and backup data.
🔒
Never Clobbers
Attest-mode declarations never overwrite live-API evidence or a human attestation.
🗺️
Maps to Every Framework
Evidence propagates across frameworks via concept families — connect once, satisfy many standards.

Common Questions About Evidence Integrations

Which kinds of tools can I connect?
Five evidence families: security-awareness training (LMS), incident response (PSA ticket history), backup and recovery, personnel lifecycle (HRIS), and managed endpoint detection (EDR). A connected tool marks its controls automated and cites its live data.
What if a client’s tool has no API?
Declare it in attest mode. That records the control as attested — honestly “declared,” not “automated” — and fills only undocumented gaps. It never overwrites live-API evidence or a human answer.
Does connecting a tool keep the report current?
Yes. A nightly sync refreshes connected evidence, so training completion, backup testing, and incident history in the report reflect the latest data.
Does one integration only help one framework?
No. Evidence propagates across frameworks via concept families, so connecting a single tool can satisfy the equivalent control in every standard you assess.

Turn Client Tooling Into Audit Evidence

Connect what has an API, declare what doesn’t — and let the report cite real data.

→ Start Free Trial