Since our software is mostly focused on turning compliance into actual security value by enabling real-time monitoring of technical controls, sometimes we forget to mention our traditional GRC capabilities.
Soooo…here are a few OTHER things you can do with our Q-Products:
- Capture all control evidence to include any electronic files or human activity records
- Track and report on control scores by organization, system, control family, control, and CCI
- View historic control scoring trends
- Apply and tailor common control baselines to systems
- Customize and save your own baselines and control overlays
- Manage control inheritance
- Create and track POAMs
- Add and track your own custom controls
- Manage implementation statements and test procedures
- Manage system surveys
- View a dynamically generated system specific Security Control Traceability Matrix (SCTM)
- Generate a System Security Plan (SSP) at the push of a button in Microsoft Word Format
- …and lots of other stuff!
OK, whew, got that out of the way. Now, back to our technical focus to help you get operational security value! Let us know if you want any more info on that OTHER stuff.