Our auditors like the compliance reports but we are being asked to supply a report of what is being checked and how.
So what I asking for is a report that I could hand to the auditors that looks something like
- Compliance Policy Report Name
- Policy Name used within the report
- Rules used within the policy
- Name
- Description
- String Match
- Remediation
- Rules used within the policy
- Policy Name used within the report
- Rules used within the policy
- Name
- Description
- String Match
- Remediation
- Rules used within the policy
- Policy Name used within the report
This would also be helpful for versioning and changes made to the rules