Surveying policies, controls and compliance
Posted on 29 February 2012.
Qualys unveiled a new service for its QualysGuard Cloud Platform and suite of integrated applications for security and compliance to help businesses further automate their compliance tasks and reduce the time and effort for manual assessment of IT and non-IT controls.

The QualysGuard Customizable Questionnaire service enables customers to easily build questionnaires using the Unified Compliance Framework (UCF), as well as leverage existing business process workflows to evaluate controls, gather documents and evidence and validate compliance.


The service automatically generates survey questions based on policies, compliance requirements and controls selected by the organization. Surveys can be delegated to employees across the organization based on their roles and areas of responsibility.

The service also provides a customizable workflow engine which includes the ability to send email reminders to survey respondents, track progress, and communicate with external applications. It also includes simple and easy-to-use reports on survey status to allow tracking of self-assessment efforts.

In more details the new service provides:
  • Automation of manual assessments of controls and business processes as well as policy dissemination
  • Ability to define audit work flow via a customizable language or over a dozen out-of-box actions including questionnaire assignment, delegation, escalation and notification
  • Control documentation including file-based evidence collection
  • Policy repository of nearly 1000 standards and regulations via integration with the Unified Compliance Framework
QualysGuard Policy Compliance allows organizations to automate the collection and validation of configuration and security data across IT assets and maps it to IT-GRC data model.

QualysGuard Policy Compliance is delivered via a cloud platform, reducing customers’ total cost of ownership and providing IT and security organizations with a more efficient means to monitor compliance and risk.





Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //