Surveying policies, controls and compliance
Posted on 29 February 2012.
Qualys unveiled a new service for its QualysGuard Cloud Platform and suite of integrated applications for security and compliance to help businesses further automate their compliance tasks and reduce the time and effort for manual assessment of IT and non-IT controls.

The QualysGuard Customizable Questionnaire service enables customers to easily build questionnaires using the Unified Compliance Framework (UCF), as well as leverage existing business process workflows to evaluate controls, gather documents and evidence and validate compliance.


The service automatically generates survey questions based on policies, compliance requirements and controls selected by the organization. Surveys can be delegated to employees across the organization based on their roles and areas of responsibility.

The service also provides a customizable workflow engine which includes the ability to send email reminders to survey respondents, track progress, and communicate with external applications. It also includes simple and easy-to-use reports on survey status to allow tracking of self-assessment efforts.

In more details the new service provides:
  • Automation of manual assessments of controls and business processes as well as policy dissemination
  • Ability to define audit work flow via a customizable language or over a dozen out-of-box actions including questionnaire assignment, delegation, escalation and notification
  • Control documentation including file-based evidence collection
  • Policy repository of nearly 1000 standards and regulations via integration with the Unified Compliance Framework
QualysGuard Policy Compliance allows organizations to automate the collection and validation of configuration and security data across IT assets and maps it to IT-GRC data model.

QualysGuard Policy Compliance is delivered via a cloud platform, reducing customers’ total cost of ownership and providing IT and security organizations with a more efficient means to monitor compliance and risk.





Spotlight

Review: Bulletproof SSL and TLS

Posted on 12 September 2014.  |  Deploying SSL or TLS in a secure way is a great challenge for system administrators. This book aims to simplify that challenge by offering extensive knowledge and good advice - all in one place.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 15th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //