Drata

The  DCF-86 (Operational Audit) is not monitored in Drata for SOC 2, ISO 27001:2013, ISO 27001:2022, and HIPAA. Go to <b><a href="https://help.drata.com/en/articles/5621854-example-evidence-for-not-monitored-controls-soc-2-iso-27001-hipaa">Example Evidence for Not Monitored Controls (SOC 2, ISO 27001, HIPAA)</a> </b>for more information.

This test is part of the <b>Operational Audit </b>control that ensures your company cloud infrastructure is monitored through an operational audit system that sends alerts to appropriate personnel.

If Drata finds that the operational auditing system is either disabled or that no alert rulesets are configured the test will fail.

To remediate a failed test, you will need to enable the operational auditing system and configure one or more rulesets to trigger alerts to the appropriate personnel.

Drata inspects the operational activity auditing system to ensure it is enabled and that it is configured to send alerts.

Test: Operational Audit

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you