Drata

This test is part of the <b>Information Security Policy </b>control that ensures your company has a defined Information Security Policy that covers policies and procedures to support the functioning of internal control.

If Drata finds that your Information Security Policy is either not in Drata or has not been approved by the owner within the last 12 months the test will fail. 

To remediate a failed test, you will need to ensure that your Information Security Policy has been uploaded to Drata. If the policy has been uploaded you will be able to send an email reminder to the owner of the policy, requesting an approval.

Add an 'Information Security Policy' and ensure that the newly added policy is approved.

1. Navigate to the Policy Center.
2. Add an 'Information Security Policy' and ensure that the newly added policy is approved.

<a href="https://resources.infosecinstitute.com/topic/key-elements-information-security-policy/" rel="nofollow noopener noreferrer" target="_blank">What is an Information Security Policy?</a>

<a href="https://help.drata.com/en/articles/4826936-policy-builder" rel="nofollow noopener noreferrer" target="_blank">Building Policies Within Drata</a>

- <a href="https://resources.infosecinstitute.com/topic/key-elements-information-security-policy/" rel="nofollow noopener noreferrer" target="_blank">What is an Information Security Policy?</a>
- <a href="https://help.drata.com/en/articles/4826936-policy-builder" rel="nofollow noopener noreferrer" target="_blank">Building Policies Within Drata</a>

Drata inspects your company records to determine if an Information Security Policy is in place and is currently valid.

Test: Information Security Policy

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you