Rethinking the Role of Compliance

Automatic System Security Plan (SSP) Generation

Feature Highlight: Automatic System Security Plan (SSP) Generation! Want to avoid spending time doing paperwork? Hopefully this can save you hours, if not days and weeks. With Q-Compliance, generating an SSP is as easy as clicking a button. Here’s how. Simply navigate to the System Action Page and click the Generate New SSP button.

Q-Compliance System Actions Page to automate System Security Plans

Within seconds, a new link appears in the SSP Reports table showing the date/time of creation and who created it. From there, simply click on the link to view your up to the minute SSP report in MS Word format.

After that, within the report you will see various attributes of the system which you can customize to capture the information you want to see. In this case, we have added items like system owner, risk level, ISSO, and authorizing official. You will also find a full, dynamically generated, list of the hardware inventory comprising the system.

an automated System Security Plan using Qmulos solution, Q-Compliance

A list of all authorized software:

Authorized Software in a sample SSP Report

A list of any blacklisted software:

Blacklisted Software in a sample automated System Security Report

Additionally, the report includes all relevant information for every applicable control. For instance, audit, assessment, and monitoring frequency, type of control, provider (if any), justification, last audit and assessment date, reviewer, status, and findings, and the detailed control requirements to include defined ODPs, supplemental guidance and implementation statements.

automatic SSP generation using Qmulos

In conclusion, generating an automatic System Security Plan  has never been easier with Qmulos and Splunk. Of course, the data in the SSP is only as good as the data ingesting through Splunk. But, as Splunk is the best at ingesting data, this should not be an issue. Qmulos gives the ingested data, true security context. If you’d like to learn more about how Qmulos is reinventing real-time continuous monitoring, and how your organization can generate an automatic System Security Plan, please fill out the form on the right and we can give you more information!

Others have also read ...

Knowledge Hub

General Availability of Q-Compliance V4.3.0 and Supporting Apps/Add-Ons

On top of the support for several new and updated compliance frameworks and standards, we’ve added many exciting new features that improve and streamline integration with the DoD’s eMASS system, the set-up of new systems/accreditation boundaries, data onboarding, assessment, and continuous monitoring of controls. 

Read More »

Request a Demo

Learn how QMULOS can help your company grow by scheduling a demo with our team.