Compliance Monitor Comparison Checklist


Today's security requirements can overwhelm even the most organized IT department. Sarbanes-Oxley (SOX) and Payment Card Industry (PCI) auditors demand proof of compliance on critical systems.

Powertech Compliance Monitor eases the burden of compliance, allowing programmers, analysts, and system managers to return to revenue-producing projects.

Use this checklist to see how your current method compares.

INSTALLATION AND PLANNING Current Method Compliance Monitor
100% IBM i-based, with no external servers or client software required
Wizard-guided installation process for rapid deployment
Report on all configuration and system event activity via a single solution
Contains a comprehensive electronic guide to best practices and regulatory compliance
Generate security and compliance reports within minutes of installation
Automatic installation and configuration of HTTP and web application server
Access the product from anywhere via web browser
Extract and report on all 70+ IBM-generated events from QAUDJRN
Mapped to industry-standard audit frameworks, such as COBIT and ISO17799
Utilizes a single graphical console for managing all security-related audit reporting
Integration with Powertech Exit Point Manager for reporting on transaction firewall events
Integration with Powertech Authority Broker for reporting on privileged user swaps
Highly scalable environment, from single server/uni-partition up to multi-server/ multi-partition
 
COMPLIANCE MONITORING, AUDITING, AND REPORTING Current Method Compliance Monitor
Predefined report groups for MICS (gaming industry), PCI-DSS (payment card industry), Sarbanes-Oxley (SOX), and NIST
Display data via an integrated viewer
Export reports to any combination of .PDF, .CSV, and .XLSX
Send reports to an IFS folder
Run side-by-side comparison reports of system values across multiple endpoints
Hundreds of predefined reports for instant reporting
Dozens of predefined data filters
Design powerful custom filters and share them with other users
Customize reports (select columns, sort order, and apply filters) and save customizations
Collate QAUDJRN reports from multiple systems
Define, customize, and edit custom security policies
Assign custom security policies to each endpoint
Reduce review workload by showing only exceptions to security policy
Highlight (colorize) exceptions to defined security policy based on customizable criticality
Import and export report definitions, filters, scorecard definitions, and security policies
Endpoint filters eliminate unwanted or unnecessary data retrieval
Track overall compliance statistics with easy-to-digest summary scorecards
 
INTERNAL APPLICATION SECURITY AND SETUP OPTIONS Current Method Compliance Monitor
Comprehensive security authorization scheme isolates users from complexities of IBM i infrastructure
Auditing user does not require credentials on endpoint servers
Protect audit elements: reports, endpoint systems, customized reports, filters, etc.
Auditing user profile does not require any IBM i special authority
Accommodate servers residing in different time zones, adjusted to the local time
Provides the administrator with diagnostic access and diagnostic logging
Consolidator preferences include the ability to encrypt, provide tamper resistance, and require digital signatures to PDF reports
 
AUTOMATIC, BATCH, AND MANUAL ASSESSMENT AVAILABILITY Current Method Compliance Monitor
Define batch assessment to run automatically (scheduled) or invoke manually
Schedule using IBM regular and advanced job scheduler, Robot Schedule or application code
Distribute batch report results via email to an individual or distribution list
View completed manual and batch assessments in centralized dashboard viewer
Harvest and centrally store QAUDJRN data from multiple endpoints with over 90% compression
Digitally sign and encrypt reports prior to electronic distribution
Configure the collection aging thresholds for manual and automatic assessment data by ‘age’ or ‘storage used’
 

 

See Compliance Monitor in Action