Skip to main content
All CollectionsReports
What should be included in the annual BCP/DR test and Incident Response test?
What should be included in the annual BCP/DR test and Incident Response test?
Ashley Hyman avatar
Written by Ashley Hyman
Updated over a week ago

Typically both are in the form of meeting minutes or notes loaded into Drata’s 'Evidence Library' section. You would hold a meeting to review your Business Continuity & Disaster Recovery Plan and a second meeting to review your Incident Response Policy. Include clear documentation of who was in attendance at the meeting, the date and time and items reviewed and discussed. Walk through the policies and a mock example for each. Discuss risk, breaking-points, as well as improvements that could be made to the the policies and processes surrounding them. All these talking points should be included in the meeting notes. Also be sure to include a “lessons learned” section on any table top test you complete.

Did this answer your question?