|
|
You may have an asset in your enterprise that is set up exactly as per the security guidelines or policies of your organization. You may want to create a standard that is based on the values of this reference asset.
Control Compliance Suite partially automates this process of creating a standard from values of a reference asset and hence saves you valuable time. Such a standard that is built from the values present in a reference asset is known as a gold standard.
For example, consider that you have a computer in your network that is configured in accordance with the security practices adopted by the organization. You want the values of this computer to act as a benchmark for the other computers in the enterprise. Then Control Compliance Suite can create a gold standard for you by replacing the expression values in a reference standard with data from the reference computer.
Assume that a check in a reference standard has the following expression:
The reference asset has the minimum password length as 10.
The resulting gold standard check has the following expression:
Control Compliance Suite may not be able to replace the expression values in a reference standard if the data is ambiguous or the check is complex.