Skip to main content
SecurAtlas provides several report types for auditors, compliance teams, and internal stakeholders. Some are downloadable spreadsheets for deeper analysis; others are formatted PDFs designed to hand off directly to auditors or management. This page covers where to find each report and what it contains.

Reports page overview

Navigate to Reports from the sidebar. The page opens with four summary KPI tiles — Risk Score, EAL Exposure, Controls Done, and Avg Effective Maturity — giving you a snapshot of your current posture before you generate anything. Two export cards and a PDF reports section appear below.

Control matrix export

The control matrix is a spreadsheet download containing one row per control. It is the most detailed data export available. Columns included: Control ID, Title, Category, Severity, Required by profile, Priority, Status, Raw Maturity, Effective Maturity, Evidence Count, Validation Status, Missing Evidence, Implementation Notes. To download:
  1. On the Reports page, find the Control Matrix card
  2. Click Download Control Matrix
  3. Choose CSV or Excel format
The card shows a preview of totals: number of controls, how many are required by your baseline profile, and how many have validated evidence.

Evidence request export

The evidence request export lists every control that is missing required evidence. It is designed to be shared with whoever is responsible for gathering documentation. Columns included: Control, Urgency tier, Missing evidence types, Required evidence, Recommended evidence, How to implement, Effort level. Items are sorted by urgency tier and then by severity, so the highest-priority gaps appear first. If critical gaps exist, the card is highlighted in red. To download:
  1. Find the Evidence Request card on the Reports page
  2. Click Download Evidence Request
  3. Choose CSV or Excel format

PDF reports

SecurAtlas generates two PDF report types from the Reports page:

Compliance posture PDF

A full compliance posture report with the control matrix, maturity breakdown, framework coverage, and evidence status. Designed for auditor submissions and compliance review meetings. Click Generate Compliance PDF to create it.

Evidence request PDF

An action list showing which controls need evidence, what type is required, and how to provide it. Sorted by urgency. Useful for sending to team members or clients who need to supply documentation. Click Generate Evidence Request PDF to create it.
Generated PDFs are stored and appear in the Recent Reports section at the bottom of the page. Each entry shows the report type, generation timestamp, and file size. Use View to open the report in-browser or the download icon to save it locally.
PDF generation runs asynchronously. After clicking Generate, the report appears in the Recent Reports list with a “Generating…” status. Refresh the page in a few seconds to see the completed report.

Compliance report from the Compliance page

A quick-access Download Report button also appears on the Compliance page (top-right corner) and on the main Dashboard. Clicking it downloads the compliance report directly via /api/reports/compliance/{tenantId} without going through the Reports page.

Evidence certificate

An evidence certificate is a one-page PDF that documents a specific control’s evidence at a point in time — including the evidence items linked, their validation status, and the date of the certificate. It is useful for:
  • Auditor handoffs for individual controls
  • Demonstrating that a specific requirement is covered
  • Archiving evidence state before a review cycle
To download an evidence certificate:
  1. Go to the Controls page and open the drawer for a control
  2. Find a validated evidence item in the drawer
  3. Select Download Certificate from the action menu on that item
Evidence certificates are also available through the API at /api/reports/evidence-certificate.

Policy export

Individual policies can be exported as formatted PDF documents. See the Policies guide for the full walkthrough. Policy exports are available through the API at /api/reports/policy-export.