Skip to main content
All CollectionsMonitoringTests
Test: Policies for Security Awareness Training
Test: Policies for Security Awareness Training

Drata inspects your company Information Security Policy to ensure the security team is responsible for training all employees on security.

Updated over 2 years ago

ASSOCIATED DRATA CONTROL

This test is part of the Security Training control that ensures your company has established training programs for privacy and information security to help employees understand their obligations and responsibilities. This control identifies compliance to the company security policies and procedures, including the identification and reporting of incidents. All full-time employees are required to complete these trainings annually.

WHAT TO DO IF A TEST FAILS

If Drata finds that an Information Security policy either does not exist or has not been approved within the last 12 months the test will fail.

To remediate a failed test, you will need to either upload or build the Information Security policy within Drata or notify the owner to click 'Approve Policy' as soon as possible.

HELPFUL RESOURCES

Did this answer your question?