McAfee PASCDE-AB-IA Product Guide - Page 39

Creating and managing audits McAfee Policy Auditor allows you to create audits based on benchmarks and assign them to run on systems. You can create audits from a McAfee-supplied selection of predefined benchmarks established by government and industry such as SOX, HIPAA, PCI, and FISMA. You can also create audits based on third-party benchmarks or benchmarks that you create yourself. Audits return results that include a score allowing you to determine how well a system complies with the rules in the benchmark. Contents Audits and how they work Activate benchmarks Create an audit Run an audit manually Disable an audit Delete audits Audit whiteout and blackout periods Service Level Agreements Exporting audits and audit results Export audits Audits and how they work McAfee Policy Auditor evaluates systems against independent standards that are developed by government and private industry. It can also evaluate systems against standards that you create. The software uses audits to determine the compliance status of a system, and returns results indicating areas that are out of compliance. An audit consists of: • A benchmark or a selected profile within a benchmark • A system or groups of systems • An audit frequency (how often the data should be gathered) • An optional waiver to temporarily exclude systems or audit results from reports Benchmarks are documents that contain rules for describing the desired state of a system according to recognized standards. Rules contain one or more checks that are normally written in the OVAL language. See the documentation for McAfee Benchmark Editor to learn more about benchmarks and their structure. McAfee Policy Auditor 6.0 software Product Guide for ePolicy Orchestrator 4.6 39