[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][/vc_column][/vc_row][vc_row][vc_column width=”4/6″][vc_column_text]The Policy Generator is a quick way to create customized policies for your organization. Many of the controls can be fully or partially satisfied by providing evidence of company-specific policies.[/vc_column_text][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]
Why Use the Policy Generator?
[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][/vc_column][/vc_row][vc_row][vc_column width=”4/6″][vc_column_text]Let’s use Control 3.3.5 as an example. The control requirement states: “Correlate audit review, analysis, and reporting processes for investigation and response to indications of inappropriate, suspicious, or unusual activity”.[/vc_column_text][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column width=”4/6″][vc_single_image image=”10274″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”img_link_large” img_link_target=”_blank”][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column width=”4/6″][vc_column_text]The ComplyUp Comments give us a bit more information on how to respond.[/vc_column_text][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column width=”4/6″][vc_single_image image=”10273″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”img_link_large” img_link_target=”_blank”][vc_column_text]Wouldn’t it be nice to have a Security Response Plan that outlines exactly how your organization investigates and responds to indications of inappropriate, suspicious, or unusual activity? Maybe a document describing your logging processes would be helpful as well.[/vc_column_text][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column width=”2/6″][vc_single_image image=”10275″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”img_link_large” img_link_target=”_blank”][/vc_column][vc_column width=”2/6″][vc_column_text]Let’s look at the Evidence Recommendations.[/vc_column_text][vc_column_text]It looks like two Policy Templates are available that would work quite well with this control. Let’s head over to the Policy Generator.[/vc_column_text][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]
Policy Generator Usage
[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][/vc_column][/vc_row][vc_row][vc_column width=”4/6″][vc_column_text]The Policy Generator lists a series of templates available for customization.[/vc_column_text][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column width=”4/6″][vc_single_image image=”10277″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”img_link_large” img_link_target=”_blank”][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column][/vc_column][/vc_row][vc_row][vc_column width=”4/6″][vc_column_text]Click on a policy to load it in the Policy Editor.[/vc_column_text][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column width=”4/6″][vc_single_image image=”10278″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”img_link_large” img_link_target=”_blank”][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column][/vc_column][/vc_row][vc_row][vc_column width=”4/6″][vc_column_text]The policy editor pre-populates the template with your Organization’s Name. Use the editor to make changes to the policy so it aligns with your organization’s guidelines.[/vc_column_text][vc_column_text]Many of the policies can be associated with more than one control. The Security Response Plan mentioned earlier is appropriate evidence for several controls: 3.3.5, 3.6.1, 3.6.2, 3.6.3, 3.13.14. Decide if you’d like to auto-associate this template to all recommended controls, then click Save in the Save Policy section. The template will be saved as a PDF and added to the Evidence View.[/vc_column_text][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column width=”2/6″][vc_single_image image=”10276″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”img_link_large” img_link_target=”_blank”][/vc_column][vc_column width=”2/6″][vc_single_image image=”10280″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”img_link_large” img_link_target=”_blank”][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row][vc_row][vc_column][/vc_column][/vc_row][vc_row][vc_column width=”2/6″][vc_column_text]If the new policy was auto-associated to all recommended controls, it will be visible in the Evidence section of the associated control in the Control View.[/vc_column_text][/vc_column][vc_column width=”2/6″][vc_single_image image=”10281″ img_size=”full” alignment=”center” style=”vc_box_rounded” onclick=”img_link_large” img_link_target=”_blank”][/vc_column][vc_column width=”2/6″][/vc_column][/vc_row]