Secureframe offers a wide variety of Settings to ensure each customer has enabled the specific features and confirations needed for their compliance objectives. 

Review each tab to fully understand the settings available based on your package.

Company Details

This section is very important because anything denoted with a red * will auto-populate portions of the platform like Policies with this specific information provided. If populated, this will save you many hours of manual work and ensure consistency. 

To add your company details, please take the following steps:

1. Maneuver to Company Settings, by clicking your Avatar in the top right corner and select Company Settings
2. Fill in your company information in the Company Details tab (e.g. company address, company phone number, etc.)
3. Note: You can return to this page at any time and edit this information.

Configurations

This settings pages will capture Billing Info, Key Personnel such as Information Security Managers, enabling features like Comply AI or SecurityScorecard. 

• Billing Information - set your Billing email, EIN and VAT. 
• Key Personnel - Assign your Information Security Manager and Board of Directors if applicable.
• Labs - Enable Comply AI to access AI-powered capabilities to enable faster, more informed decision making across the entire platform. (Risk, Vendors, Questionnaires, Tests, and more)
• SecurityScorecard - Enable to automatically assign a security ratings (A-F) to companies based on various risk factors, helping you more easily assess vendors, partners, and third parties. This rating will be displayed on your dashboard. Learn more about our SecurityScorecard partnership here. 
• 
• Session Timeout - Log users out when they are inactive for a specific amount of time. 

Audit Log

The Audit Log provides a detailed, time-stamped record of actions taken across your Secureframe instance. You can view which users made changes, what objects were affected (like users, vendors, or exports), and what fields were updated. Use filters or the search bar to quickly find specific activities and maintain transparency across your organization.

Authentication Settings

Authentication settings will be an important section to review for Admins who want to control alternate sign-in connections for specific domains. 

Click here to get started with Understanding Domain Claims, SSO, and OAuth

SCIM Settings

By enabling SCIM provisioning, you can configure a push-based directory sync from your identity provider (idP) to Secureframe. User and user updates (e.g. active status) are pushed to Secureframe in near real-time.

Click here to get started with SCIM Provisioning

API Keys

If you wish to use our API Developer Portal to automate compliance workflows, fetch audit data, or manage users programmatically, the Developer Portal gives you the resources to extend Secureframe’s capabilities.

You will need to establish an API key here in the settings first. 

Click here to get start with our Developer Portal (API)

Email Logs

Email Logs give company admins visibility into the automated emails Secureframe sends to users (such as onboarding invites or task notifications) and vendors, helping ensure nothing slips through the cracks. Logs are available for emails generated on or after March 17, 2025.

Click here to read more on Email Logs