Drata

This test is part of the <b>Risk Assessment Policy </b>control that ensures your company has a defined formal risk management process that specifies risk tolerances and the process for evaluating risks based on identified threats and the specified tolerances.

If Drata finds that your Risk Assessment Policy is either not in Drata or has not been approved by the owner within the last 12 months the test will fail.

To remediate a failed test, you will need to ensure that your Information Security Policy has been uploaded to Drata. If the policy has been uploaded you will be able to send an email reminder to the owner of the policy, requesting an approval.

Add a 'Risk Assessment Policy' and ensure that the newly added policy is approved.

1. Navigate to the Policy Center.
2. Add a 'Risk Assessment Policy' and ensure that the newly added policy is approved.

<a href="https://help.drata.com/en/articles/4826936-policy-builder" rel="nofollow noopener noreferrer" target="_blank">Building Policies Within Drata</a>

- <a href="https://help.drata.com/en/articles/4826936-policy-builder" rel="nofollow noopener noreferrer" target="_blank">Building Policies Within Drata</a>

Drata inspects your company records to determine if a Risk Assessment Policy is in place and is currently valid.

Test: Risk Assessment Policy

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you