Symantec Control Compliance Suite

Symantec Control Compliance Suite, Policy Management assists with defining and mapping of policies to best practices, frameworks, and regulations, and identifies overlaps in control objectives to reduce duplicate assessment efforts. Symantec’s Policy Management also automates the distribution of written policies throughout the organization, tracking end-user policy acceptances and exception requests. It collects evidence of compliance to control objectives through integration with other Symantec Control Compliance Suite components that provide both procedural and technical assessments, thus enabling analysis and reporting on compliance efforts. In addition, Policy Management ships with over 125 sample policies and policy templates, and is fully and easily customizable. Newly enhanced reporting and dashboard capabilities allow more flexibility for distributing information.

Il modulo Response Assessment automatizza la valutazione dei controlli non programmatici. Questi controlli non programmatici costituiscono la maggior parte degli obiettivi stabiliti nelle normative e strutture di riferimento. Spesso le organizzazioni si affidano a valutazioni su carta che sono costose e difficili da gestire. RAM gestisce il processo di valutazione manuale dalla creazione e distribuzione del questionario all'analisi dei dati delle risposte. RAM si integra con CCS per offrire un quadro completo dei controlli procedurali e tecnici in grado di garantire la copertura delle policy.

Symantec Control Compliance Suite, IT Controls Management automates the assessment, reporting and the remediation of deviations from technical standards and makes it possible to automate the identification and the remediation workflow for mis-configurations:

• Assessment - Create standards from pre-built content, assess vulnerabilities and configuration drift, agent-less and agent-based data collection.
• Remediation – Out of the box, step-by-step remediation guidance, ticketing integration, and Built-in direct remediation.
• Analyze Results - Publish as evidence of compliance to policies, vulnerabilities, and IT Risk, out-of-the box reports and dashboards