Drata

This test is part of the <b>Acceptable Use Policy </b>control that ensures your company has policies and procedures in place to establish acceptable use of information. These assets should be approved by management, posted on the company wiki, and accessible to all employees. All employees must accept the Acceptable Use Policy upon hire.

If Drata finds that an Acceptable Use policy either does not exist or if the renewal date on the policy has passed, the test will fail.

To remediate a failed test, you will need to either upload or build the Acceptable Use policy within Drata, set a renewal date that aligns with your compliance program goals, and notify the owner to click 'Approve Policy' as soon as possible.

Add an 'Acceptable Use Policy' and ensure that the newly added policy has been approved

Set a policy renewal date that aligns with your compliance program goals. Many frameworks require that policies are reviewed/approved annually

1. Navigate to the Policy Center page
2. Add an 'Acceptable Use Policy' and ensure that the newly added policy has been approved
3. Set a policy renewal date that aligns with your compliance program goals. Many frameworks require that policies are reviewed/approved annually

<a href="https://help.drata.com/en/articles/4826936-policy-builder">Building Policies Within Drata</a>

<a href="https://whatis.techtarget.com/definition/acceptable-use-policy-AUP" rel="nofollow noopener noreferrer" target="_blank">What is an Acceptable Use Policy?</a>

- <a href="https://help.drata.com/en/articles/4826936-policy-builder">Building Policies Within Drata</a>
- <a href="https://whatis.techtarget.com/definition/acceptable-use-policy-AUP" rel="nofollow noopener noreferrer" target="_blank">What is an Acceptable Use Policy?</a>

Drata inspects your company records to determine if an Acceptable Use Policy is in place and is before the renewal date.