Reports

The Reports section helps you generate compliance evidence and audit-ready documentation from your Recoger data.

Report Types

Compliance Reports

Framework-specific reports showing your compliance coverage:

Framework Coverage
ISO 27001:2022 Annex A controls related to endpoint security, access control, and asset management
SOC 2 Common Criteria for logical access (CC6.x) and system operations (CC7.x)
GDPR Article 32 technical measures and data protection controls
ISO 42001 AI management system controls for organizations using AI

Device Reports

Detailed reports on device compliance:

  • Fleet Overview — Summary of all devices and their compliance status
  • Non-Compliant Devices — Devices requiring attention with remediation steps
  • Device History — Compliance changes over time for audit evidence

Service Reports

Reports on third-party service compliance:

  • Service Inventory — All tracked services with security configurations
  • Review Status — Services due for review or overdue
  • Vendor Assessment — Security posture of third-party vendors

Generating Reports

  1. Go to Reports in the dashboard
  2. Select the report type
  3. Choose the framework or scope
  4. Set the date range (if applicable)
  5. Click Generate Report

Reports are generated in real-time using your current data.

Report Contents

Compliance reports include:

Executive Summary

High-level overview suitable for leadership and auditors:

  • Overall compliance percentage
  • Number of devices and services monitored
  • Critical gaps requiring attention
  • Trend compared to previous period

Control Mapping

Detailed mapping of Recoger checks to framework controls:

  • Control identifier and description
  • Implementation status
  • Evidence collected
  • Gaps and remediation needed

Evidence Appendix

Supporting evidence for each control:

  • Device compliance screenshots
  • Service configuration details
  • Policy acknowledgments
  • Review completion records

Export Formats

Reports can be exported in multiple formats:

Format Best For
PDF Sharing with auditors, archiving, formal documentation
CSV Data analysis, importing into other tools
JSON API integrations, automated processing

Scheduled Reports

Set up automatic report generation and delivery:

  1. Go to Reports → Scheduled
  2. Click Create Schedule
  3. Select the report type and frequency
  4. Add email recipients
  5. Save the schedule

Scheduled reports are emailed as PDF attachments on the specified frequency (daily, weekly, monthly).

Audit Preparation

When preparing for an audit, use reports to:

  1. Identify gaps — Generate a compliance report to see what's missing
  2. Prioritize remediation — Focus on critical and high-severity gaps first
  3. Collect evidence — Export device and service data as evidence
  4. Document controls — Use the control mapping as your evidence index

Evidence Retention

Recoger retains compliance data for audit purposes:

Data Type Retention
Device check-ins 90 days (rolling)
Device compliance history 2 years
Service reviews Indefinite
Generated reports 1 year
Audit logs 2 years

Enterprise plans include extended retention options.

API Access

Reports can also be generated via the API for automation. See the API Reference for details on the /reports endpoints.