Qmulos is pleased to announce the general availability of Q-Compliance V3.6.0.  Some of the exciting new features that we’ve added in this latest release of Q-Compliance include:

• More robust compliance alerting and automation capabilities
• Improved control data coverage analytics
• Improved eMASS integration capabilities
• POA&M management enhancements

Read on for more details on how features in this latest release can make a data-driven approach to risk management even easier for you!

More Robust Compliance Alerting and Automation Capabilities

Our alerting and automation capabilities are one of our key differentiators that set us apart from typical GRC tools.  We continue to add more powerful alerting and automation features in this release.  You can now automatically create 800-53A test cases for your systems in Q-Compliance and automatically pass or fail those test cases using custom Splunk alerts and our test case alert action.  We’ve also added an alert action that allows you to pass or fail controls at the more granular Control Correlation Identifier (CCI) level for our customers that follow that Department of Defense standard.  In addition, we’ve added an alert action to automatically create control records that comprise our human activity evidence for controls, allowing you to take the human out of human activity! To top it all off, we have created a brand new Alert Management user interface to make it easier to create and manage all of the powerful alerting and automation capabilities within Q-Compliance.

Improved Control Data Coverage Analytics

The data is the fuel that drives the capabilities in Q-Compliance and we provide analytics that allow you to identify the necessary data to enable continuous monitoring of your controls.  In Q-Compliance V3.6.0, we’ve added features to our Control Monitoring Coverage and Data Sources dashboards so that you can more easily identify what data you have and what data is missing to populate the control

Improved eMASS Integration Capabilities

For our customers in the Department of Defense community, Q-Compliance V3.6.0 includes additional integration features that further streamline your use of Q-Compliance in conjunction with eMASS.  We’ve added bi-directional import/export so that you can now import assessment results from eMASS into Q-Compliance and vice-versa using the eMASS Test Results Import template.  You also now have the flexibility to choose between using the CCI assessment results or test case results in Q-Compliance for the import/export functions.  We’ve also improved the the eMASS POAM import/export to work with milestone changes based on much appreciated customer feedback.

POA&M Management Enhancements

Plan of Actions and Milestones are a critical component of any organization’s compliance processes and it is important to track the changes to a system’s POA&Ms, so in V3.6.0 we’ve added more detailed auditing of when POA&Ms are created and updated for a system.  Combined with our fine-grained role-based access control, you now have complete control and visibility into who can change a system’s POA&Ms and what changes they’ve made.  We’ve also made some improvements to the POA&M Overview dashboard to better track the indicators of POA&M management at a more executive level.

Other Enhancements

Other enhancements in Q-Compliance V3.6.0 include usability enhancements on the Control Compliance Hub and Organization-Defined Parameter Configuration pages; improved performance and scheduling on the analytics that populate the Control Monitoring Coverage Dashboard and Historic Overview Dashboard; more details in the auto-generated System Security Plans; easier configuration of light vs. dark mode for the user interface; as well as various bug fixes. For more details on any of these other features or to see a demo, please contact sales@qmulos.com.