Skip to main content
All CollectionsControl Tests
Test: Sensitive Data Disposal Policy
Test: Sensitive Data Disposal Policy

Drata inspects your company records to determine if an Information Security Policy is in place and is before the policy renewal date.

Ashley Hyman avatar
Written by Ashley Hyman
Updated over a week ago

ASSOCIATED DRATA CONTROL

This test is part of the Disposal of Sensitive Data on Paper control that ensures your company has formal policies and procedures in place to guide personnel in the disposal of paper documents containing sensitive data.

WHAT TO DO IF A TEST FAILS

If Drata finds that an Information Security policy either does not exist or or if the renewal date on the policy has passed, the test will fail.

To remediate a failed test, you will need to either upload or build a Information Security policy within Drata, set a renewal date that aligns with your compliance program goals, and notify the owner to click 'Approve Policy' as soon as possible.

HELPFUL RESOURCES

Did this answer your question?