Drata

This test is part of the <b>Defined Management Roles &amp; Responsibilities </b>control that ensures your company has established defined roles and responsibilities to oversee implementation of the information security policy across the organization.

If Drata finds that an Information Security policy either does not exist or has not been approved within the last 12 months the test will fail.

To remediate a failed test, you will need to either upload or build the Information Security policy within Drata or notify the owner to click 'Approve Policy' as soon as possible.

<a href="https://help.drata.com/en/articles/4826936-policy-builder" rel="nofollow noopener noreferrer" target="_blank">Building Policies Within Drata</a>

- <a href="https://help.drata.com/en/articles/4826936-policy-builder" rel="nofollow noopener noreferrer" target="_blank">Building Policies Within Drata</a>

Drata inspects your company records to determine roles are defined to oversee implementation of the Information Security Policy.

Test: Roles to Implement Information Security Policy

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you