Skip to main content
All CollectionsPolicy Center
Manage Policy Renewals

Manage Policy Renewals

Manage your policy compliance schedule by setting and maintaining renewal dates.

Updated over a month ago

Keeping your policies up to date is essential for maintaining compliance and ensuring that employees are informed of current requirements. In Drata, each policy includes a renewal date. The policy renewal date defines when a policy must be reviewed, updated, or acknowledged again.

Policy renewals help your organization:

  • Conduct compliance checks for policy-related tests.

  • Trigger tasks on the Tasks page for upcoming policy reviews or acknowledgments.

Different compliance frameworks have different renewal requirements. Some policies only need periodic reviews, while others require personnel acknowledgment. Drata provides flexible renewal options to help you meet these requirements efficiently.

Policy Renewal Scenarios

Depending on your framework, you may need to renew a policy in one of the following ways.

Require Policy Reviews

If your framework mandates periodic reviews without personnel acknowledgment, follow these steps:

  1. Review the policy to confirm it is accurate and up to date.

  2. Adjust the renewal date to the next review deadline.

  3. Select Update, then indicate that this is not a material change when prompted.

Outcome

  • If you are a Policy Owner, the policy remains Published, and no personnel acknowledgment is required.

  • If you are not a Policy Owner, you need approval from the Policy Owner and then, no personnel acknowledgment is required.

Require Policy Reviews and Personnel Acknowledgment

If your framework requires personnel to acknowledge policies on a regular cadence, follow these steps:

  1. Review the policy to ensure it is accurate and relevant.

  2. Adjust the renewal date to the next acknowledgment deadline.

  3. Select Update, then indicate that this is a material change when prompted.

  4. Send and receive approval from the Policy Owner.

  5. Publish and notify personnel to acknowledge the updated policy.

Outcome

  • Personnel acknowledgment is required.

Renew a Policy Without Updates

If a policy remains valid without requiring updates, you can renew it without making changes. This option is ideal for keeping policies current while streamlining approvals.

To use renew a policy without updates, ensure the following:

  • The policy is in the Published state.

  • The policy does not have an existing Draft version.

  • You are the Policy Owner.

  • This feature is not available for policies connected to BambooHR.

After you met the previous requirements, you can renew a policy without any updates:

  1. Navigate to the published policy.

  2. Select Renew without updates in the header.

  3. In the Renew without updates modal:

    • Select a renewal date.

    • Does this renewal need personnel acknowledgement?

      • YES, personnel acknowledgement is needed: The Notify personnel modal appears.

      • NO, personnel acknowledgement is not needed: Acknowledgment is assumed if personnel acknowledged a previous version.

    • Does this renewal need approval?

      • Yes, approval is needed: The policy enters Needs approval status.

      • No, approval is not needed: The policy is published immediately.

  4. Select Renew to finalize the renewal.

Outcome

  • Creates a new minor version of the policy.

  • Updates the Published Date to reflect the renewal confirmation date.

  • This option allows you to send the policy for reapproval if needed.

Manage Policy Renewal Dates

Since every policy in Drata requires a renewal date, you can track and update renewal dates in the following ways:

  • Policy Center Table: The renewal date is displayed in the Policy Center table for quick reference.

  • Policy Details: Select a policy to view its renewal date under the Policy Details section.

When selecting the renewal date:

  • Many frameworks require policies to be reviewed and acknowledged annually by your personnel.

  • To maintain compliance and pass audits successfully, set a renewal date that gives your team sufficient time to review and acknowledge policies before the annual deadline.

Update an Overdue Renewal Date

If a policy’s renewal date is overdue and it is not in the Published status, you must update the date before making any other changes. If the renewal date is in the past, the following actions will be blocked until the renewal date is updated:

  • Finalizing a draft.

  • Approving the policy.

  • Saving changes to an Approved policy.

  • Publishing the policy.

Steps to Update the Renewal Date

  1. Navigate to the Policy Center and select the policy.

  2. Click the Edit button in the Policy details section.

  3. Enter a future date for the renewal.

  4. Select Save.

Policy Renewal and Tasks

Drata automatically generates policy-related tasks based on the renewal date. You can find these tasks on the Tasks page.

Policy Renewal and Tests

Policy-related compliance tests use the renewal date to determine whether a policy is still valid. If the renewal date is overdue, the test fails, requiring corrective action.

The following image illustrates a compliance test for the Acceptable Use Policy, ensuring the policy is in place and valid before its renewal date.

Did this answer your question?