Skip to main content
All CollectionsControl Tests
Test: Process for Responsible Disclosure
Test: Process for Responsible Disclosure

Drata inspects your company security policies to determine if they detail a process for employees to disclose potential security violations.

Ashley Hyman avatar
Written by Ashley Hyman
Updated over a week ago

ASSOCIATED DRATA CONTROL

This test is part of the Disclosure Process for Employees control that ensures your company provides a process for employees to report concerns around security, confidentiality, integrity, availability failures, and incidents.


โ€‹

WHAT TO DO IF A TEST FAILS

If Drata finds that your company policies do not detail a process for employees to report concerns around security, confidentiality, integrity, availability failures, and incidents the test will fail.

To remediate a failed test, you will need to ensure that the appropriate policy has been uploaded to Drata and that the policy contains a specific section detailing the employee process for responsible disclosure.

STEPS TO REMEDIATE

  1. Navigate to the Policy Center.

  2. Add a 'Responsible Disclosure Policy' and ensure that the newly added policy is approved.

HELPFUL RESOURCES

Did this answer your question?