Drata

This test is part of the <b>Customer Data Policies</b> control that ensures your Management team has approved all necessary policies that detail how customer data should be handled and made accessible to others. This test will also ensure that these policies are accessible to all employees and contractors.

If Drata finds that your company policies are either not available or do not reflect the necessary requirements and procedure, for either granting employees access or revoking access to customer data, the test will fail.

To remediate a failed test, you will need to make sure that the appropriate policies are uploaded to Drata and contain specific requirements for granting/revoking access to customer data. These policies will also need to be approved by an owner for the test to succeed.<b> </b>

Add either the 'Acceptable Use Policy' and/or 'Data Protection Policy' and ensure that the newly added policy(s) are approved.

1. Navigate to the Policy Center.
2. Add either the 'Acceptable Use Policy' and/or 'Data Protection Policy' and ensure that the newly added policy(s) are approved.

<a href="https://help.drata.com/en/articles/4826936-policy-builder" rel="nofollow noopener noreferrer" target="_blank">Building Policies Within Drata</a>

- <a href="https://help.drata.com/en/articles/4826936-policy-builder" rel="nofollow noopener noreferrer" target="_blank">Building Policies Within Drata</a>

Drata inspects your company policies to determine if they outline the proper requirements for allowing employees access to customer data.

Test: Policies Cover Employee Access

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you