Skip to main content
All CollectionsControl Tests
Test: Policies Cover Employee Access
Test: Policies Cover Employee Access

Drata inspects your company policies to determine if they outline the proper requirements for allowing employees access to customer data.

Ashley Hyman avatar
Written by Ashley Hyman
Updated over a week ago

ASSOCIATED DRATA CONTROL

This test is part of the Customer Data Policies control that ensures your Management team has approved all necessary policies that detail how customer data should be handled and made accessible to others. This test will also ensure that these policies are accessible to all employees and contractors.

WHAT TO DO IF A TEST FAILS

If Drata finds that your company policies are either not available or do not reflect the necessary requirements and procedure, for either granting employees access or revoking access to customer data, the test will fail.

To remediate a failed test, you will need to make sure that the appropriate policies are uploaded to Drata and contain specific requirements for granting/revoking access to customer data. These policies will also need to be approved by an owner for the test to succeed.

STEPS TO REMEDIATE

  1. Navigate to the Policy Center.

  2. Add either the 'Acceptable Use Policy' and/or 'Data Protection Policy' and ensure that the newly added policy(s) are approved.

HELPFUL RESOURCES

Did this answer your question?