Drata

This test is part of the <b>Incident Response Plan </b>control that ensures your company has an established Incident Response Policy. This policy should outline management responsibilities and procedures to ensure a quick, effective, and orderly response to information security incidents and annual testing.

If Drata finds that an Incident Response plan either does not exist or if the renewal date on the policy has passed, the test will fail.

To remediate a failed test, you will need to either upload or build the Incident Response plan within Drata, set a renewal date that aligns with your compliance program goals, and notify the owner to click 'Approve Policy' as soon as possible.

Add an 'Incident Response Plan' and ensure that the newly added plan is approved

Set a policy renewal date that aligns with your compliance program goals. Many frameworks require that policies are reviewed/approved annually

1. Navigate to the Policy Center page
2. Add an 'Incident Response Plan' and ensure that the newly added plan is approved
3. Set a policy renewal date that aligns with your compliance program goals. Many frameworks require that policies are reviewed/approved annually

<a href="https://help.drata.com/en/articles/4826936-policy-builder">Building Policies Within Drata</a>

- <a href="https://help.drata.com/en/articles/4826936-policy-builder">Building Policies Within Drata</a>

Drata inspects your company records to determine if an Incident Response Plan is in place and is before the policy renewal date.

Test: Incident Response Plan (IRP)

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you