Skip to main content
All CollectionsMonitoringTests
Test: Policies for Tracking Security Items
Test: Policies for Tracking Security Items

Drata inspects your company Incident Response Plan to determine if it includes a section about tracking follow-ups after an incident.

Updated over 2 years ago

ASSOCIATED DRATA CONTROL

This test is part of the Follow Up's Tracked control that ensures your company has implemented an Incident Response Policy that includes creating, prioritizing, assigning, and tracking follow-ups to completion.

WHAT TO DO IF A TEST FAILS

If Drata finds that an Incident Response policy either does not exist or has not been approved within the last 12 months the test will fail.

To remediate a failed test, you will need to either upload or build the Incident Response policy within Drata or notify the owner to click 'Approve Policy' as soon as possible.

STEPS TO REMEDIATE

  1. Navigate to the Policy Center page

  2. Add an 'Incident Response Plan' and ensure that the newly added plan is approved

HELPFUL RESOURCES

Did this answer your question?