Skip to main content
All CollectionsMonitoringTests
Test: SLA for Security Bugs
Test: SLA for Security Bugs

Drata inspects your company records to determine if a Vulnerability Management Policy, that includes an SLA for P0 security bugs, is active.

Updated over 2 years ago

ASSOCIATED DRATA CONTROL

This test is part of the SLA for Security Bugs control that ensures your company tracks security deficiencies through internal tools and closes them within an SLA that management has pre-specified.

WHAT TO DO IF A TEST FAILS

If Drata is unable to locate your Vulnerability Management Policy or finds that the policy has not been approved by the owner within the last 12 months the test will fail.

To remediate a failed test, you will need to ensure a Vulnerability Management Policy is uploaded and approved. If a policy has already been uploaded but requires approval, you will have the ability to notify the policy owner reminding them to 'approve' the policy.

STEPS TO REMEDIATE

  1. Navigate to the Policy Center page

  2. Add a 'Vulnerability Management Policy' and ensure that the newly added policy is approved

HELPFUL RESOURCES

Did this answer your question?