Assessing the compliance and the risk posture of the system

The assessment of the compliance and the risk posture of the system begins when you import all the known assets into the system. Control Compliance Suite lets you proactively assess the assets against a set of standards. The assessment is done based on the data that is collected from the data collection components of the Control Compliance Suite. This comparison of the computer settings to predefined Standards is called an evaluation.

Before you begin the evaluation of the imported assets against the Standards, it is recommended that you review the basic concepts in Standards.

See Concepts in standards management.

Table: Compliance and risk posture assessment

Task	Description
Understand and identify the predefined standard for assessment	Go to Manage > Standards . Consider the following to understand the predefined standards: Browse through the predefined standards in the tree pane under the Standards node. Identify the predefined standard that you want to use for assessment of the imported assets. See About standards.
Collecting data for evaluation	Go to Manage > Assets > Asset System > Global Tasks. Consider the following when you collect the data for evaluation: Select the asset type or the asset group for which you want to collect the data for evaluation and select Setup Data Collection. See Setting up a data collection job.
Evaluating the assets against the standards	Go to Manage > Assets > Asset System > Global Tasks. Consider the following to evaluate the assets against the standards: Create an evaluation job to evaluate the assets for which the data is collected. The information that you specify during the evaluation process is saved in the evaluation job. Hence, an evaluation job lets you perform the evaluation process repeatedly without having to specify the evaluation criteria again. Evaluation jobs can be scheduled to run at predefined intervals. See Running an evaluation job.
Viewing the evaluation results	Go to Manage > Assets > Asset System. Consider the following to view the evaluation results: View the details of the assets that are evaluated against a standard in the Details pane. The details pane presents the following information about the evaluation: Standard against which the evaluation job was run Evaluation date Checks evaluated Checks not evaluated Compliance score Risk score See Running an evaluation job. See Viewing the evaluation results in the details pane.
Generate reports based on evaluation	Go to Reporting > Report Templates Consider the following while generating the compliance reports Generate reports that provide a summary of the compliance of assets against the required standards. See Predefined report and dashboard descriptions. See Working with reports .