Drata

This test is part of the <b>Disclosure Process for Employees </b>control that ensures your company provides a process for employees to report concerns around security, confidentiality, integrity, availability failures, and incidents.

If Drata finds that your company policies do not detail a process for employees to report concerns around security, confidentiality, integrity, availability failures, and incidents the test will fail.

To remediate a failed test, you will need to ensure that the appropriate policy has been uploaded to Drata and that the policy contains a specific section detailing the employee process for responsible disclosure.

Add a 'Responsible Disclosure Policy' and ensure that the newly added policy is approved.

1. Navigate to the Policy Center.
2. Add a 'Responsible Disclosure Policy' and ensure that the newly added policy is approved.

<a href="https://www.bugcrowd.com/resource/what-is-responsible-disclosure/" rel="nofollow noopener noreferrer" target="_blank">What is responsible disclosure?</a>

- <a href="https://www.bugcrowd.com/resource/what-is-responsible-disclosure/" rel="nofollow noopener noreferrer" target="_blank">What is responsible disclosure?</a>

Drata inspects your company security policies to determine if they detail a process for employees to disclose potential security violations.

Test: Process for Responsible Disclosure

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you