The QualysGuard Customizable Questionnaire service enables customers to easily build questionnaires using the Unified Compliance Framework (UCF), as well as leverage existing business process workflows to evaluate controls, gather documents and evidence and validate compliance.
The service automatically generates survey questions based on policies, compliance requirements and controls selected by the organization. Surveys can be delegated to employees across the organization based on their roles and areas of responsibility.
The service also provides a customizable workflow engine which includes the ability to send email reminders to survey respondents, track progress, and communicate with external applications. It also includes simple and easy-to-use reports on survey status to allow tracking of self-assessment efforts.
In more details the new service provides:
- Automation of manual assessments of controls and business processes as well as policy dissemination
- Ability to define audit work flow via a customizable language or over a dozen out-of-box actions including questionnaire assignment, delegation, escalation and notification
- Control documentation including file-based evidence collection
- Policy repository of nearly 1000 standards and regulations via integration with the Unified Compliance Framework
QualysGuard Policy Compliance is delivered via a cloud platform, reducing customers’ total cost of ownership and providing IT and security organizations with a more efficient means to monitor compliance and risk.