1. Symantec/
  2. Security Response/
  3. Security Updates Detail

Symantec Control Compliance Suite Assessment Manager 11.x - Symantec Control Compliance Suite Assessment Manager (AM) 11.1 and AM 11.1.1 Security Content Update (SCU)

January 31, 2018

Description

Security Content Update (SCU) provides periodic security content updates on Symantec Control Compliance Suite™ Assessment Manager 11.1 and AM 11.1.1.


Download SCU 2017-4: CCS_11_x_17_4_Content_Update_Win.exe


MD5: 3608a5116a004e5a39d62e052719abf7



Content added in 2017-4 update


After you install the Security Content Update 2017-4 on CCS Assessment Manager (AM) 11.1 and CCS AM 11.1.1, the following English content is added:


  • CIS Critical Security Controls for Effective Cyber Defense Ver 6.1


Content modified in AM SCU


New questions are added in the General Data Protection Regulation (GDPR) (EU) questionnaire for the following articles in the GDPR mandate:


  • Article 11: Processing which does not require identification

  • Article 34: Communication of a personal data breach to the data subject

  • Article 47: Binding corporate rules

  • Article 48: GDPR Transfers or disclosures not authorised by Union law

  • Article 82: Right to compensation and liability

  • Article 85: Processing and freedom of expression and information

  • Article 87: Processing of the national identification number

  • Article 88: Processing in the context of employment

  • Article 89: Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes

  • Article 90: Obligations of secrecy



LEGAL DISCLAIMER FOR GENERAL DATA PROTECTION REGULATION (EU) QUESTIONNAIRE



The Customer acknowledges and agrees that this questionnaire is provided for general information and internal record keeping purposes only. Neither the questionnaire nor the dashboards and the reports generated on its basis constitute legal advice or opinion of any kind, or any advertising or solicitation, and should not be treated as such. No lawyer-client, advisory, fiduciary or other relationship is created between Symantec and the Customer by virtue of this questionnaire.


This questionnaire is comprised of a series of questions based on an arbitrary and discretionary subset of the general provisions and requirements of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) as published in the Official Journal of the European Union (L 119/1) on May 4th, 2016. This questionnaire is in no event meant to provide a complete, accurate or adequate review of the GDPR and the Customer is solely responsible to determine the relevance and adequacy of each question to the Customer's activities, operations and requirements and to the GDPR. The sole purpose of this questionnaire is to record the Customer's statement as to whether the Customer is able to document its self-determined answer to each question.


Consequently the Customer acknowledges and agrees that:


- the questionnaire does not intend to comprehensively cover all requirements of the GDPR;


- the inclusion of any question in the questionnaire does in no way imply that the question is relevant or applicable to the Customer, as only the Customer can make such determination;


- the absence of any reference to a particular provision or requirement of the GDPR from the questionnaire does in no way imply that the particular provision or requirement is not relevant or applicable to the Customer, as only the Customer can make such determination; and


- the dashboards and reports generated on the basis of the questionnaire only provide a record of the Customer's self-determined answers to each question and do in no way constitute any reliable indication or statement of legal conformity, compliance or adequacy under the provisions and requirements of the GDPR or of any other legislative or regulatory instrument.


Symantec makes no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability or suitability with respect to the purpose, content and/or results of the questionnaire. Any reliance the Customer may place on the questionnaire and the results generated is therefore strictly at the Customer's own discretion and risk.


In no event shall Symantec be liable for any damages, losses or causes of action of any nature arising from the provision or use of the questionnaire tool (including the dashboards and reports generated and their interpretation) by the Customer.


Content removed in 2017-4 update


As part of our continued effort to release and support relevant content, we are discontinuing support for the following AICPA questionnaires from the Security Content Update 2017-4 for CCS Assessment Manager (AM) 11.1 and CCS AM 11.1.1:


  • AICPA Trust Services Principles and Criteria

  • AICPA SOX Assessment - Conducting an Executive Session

  • AICPA SOX Assessment - COSO Framework

  • AICPA SOX Assessment - Evaluation of Internal Audit Team

  • AICPA SOX Assessment - Evaluation of the Independent Auditor

  • AICPA SOX Assessment - Guidelines for Hiring CAE

  • AICPA SOX Assessment - Other Questions for Management

  • AICPA SOX Assessment COSO Framework


For more information about the updates released in this SCU, refer to the Assessment Manager Security Content Update 2017-4 Release Notes (Versions: AM 11.1 and AM 11.1.1)


ReadMe_AM_SCU_2017-4.pdf


*Signature names may have been updated to comply with an updated IPS Signature naming convention. See http://www.symantec.com/business/support/index?page=content&id=TECH152794&key=54619&actp=LIST for more information.


Last modified on: January 31, 2018
Security Response Blog
The State of Spam