Skip to main content
All CollectionsMonitoringTests
Test: System Access Control Policy
Test: System Access Control Policy

Drata inspects your company records to determine if a System Access Control Policy is in place and is currently valid.

Updated over a week ago

ASSOCIATED DRATA CONTROL

This test is part of the System Access Control Policy control that ensures your company has a defined policy requiring annual access control reviews to be conducted along with access request forms required for new hires and employee transfers.


WHAT TO DO IF A TEST FAILS

If Drata finds that your System Access Control Policy has either not been uploaded to Drata or has not been approved within the last 12 months the test will fail.

To remediate a failed test, you will need to ensure that the appropriate policy has been uploaded to Drata and that this policy has been approved by the owner. If necessary, you can send an email reminder to the policy owner asking for an approval.

STEPS TO REMEDIATE

  1. Navigate to the Policy Center.

  2. Add a 'System Access Control Policy' and ensure that the newly added policy is approved.

HELPFUL RESOURCES

Did this answer your question?