Drata

This test is part of the <b>Lessons Learned </b>control that ensures your Incident Response Plan includes a process for documenting "Lessons Learned" after an incident as well as for sharing them out with the broader engineering team.

If Drata finds that an Incident Response plan either does not exist or has not been approved within the last 12 months the test will fail.

To remediate a failed test, you will need to either upload or build the Incident Response plan within Drata or notify the owner to click 'Approve Policy' as soon as possible.

Add an 'Incident Response Plan' and ensure that the newly added plan is approved

1. Navigate to the Policy Center page
2. Add an 'Incident Response Plan' and ensure that the newly added plan is approved

<a href="https://help.drata.com/en/articles/4826936-policy-builder" rel="nofollow noopener noreferrer" target="_blank">Building Policies Within Drata</a>

- <a href="https://help.drata.com/en/articles/4826936-policy-builder" rel="nofollow noopener noreferrer" target="_blank">Building Policies Within Drata</a>

Drata inspects your company Incident Response Plan to ensure it includes a section about documenting “Lessons Learned” after incidents.

Test: IRP Includes Lessons Learned

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you