Rethinking the Role of Compliance

Q-Compliance V3.7.0 General Availability

Qmulos is pleased to announce the general availability of Q-Compliance V3.7.0! Here are some of the key exciting features added for this release:
• Dynamic tracking of the RMF process
• Automated transfer of system data from rev. 4 to rev. 5
• Applying 800-53B (rev. 5) baselines
• POA&M management enhancements
• Enhanced control monitoring coverage usability

Read on for more detail on how the latest features can help you take on a more data-driven approach to risk management!

A Bigger Picture of Compliance (RMF Overview)

If you haven’t read our RMF blog series, you know that there’s six phases in the RMF process. Within each phase are multiple tasks to set up your system, which can get a little tedious and hard to track over time. Wouldn’t it be great if you could dynamically track which tasks you’ve completed in each phase of your system? As an ISSO or new system owner, the RMF Overview page provides a great reference on your system’s current compliance posture, showing you exactly what tasks are completed and have yet to be completed. Experience a more active approach to compliance! You will feel more confident in winning the compliance game!

Transition From Rev. 4 To Rev. 5 (System Migration)

In September 2020, NIST officially released its SP 800-53 revision 5 documentation. Now, approaching the one-year mark since release, organizations complying with NIST 800-53 rev. 4 will have to begin complying with the new standard starting Sept 2021. It’s a challenging task to fully transition, but that’s where we come in to do the hard work for you. In Q-Compliance V3.7.0, we’ve built a system migration page specifically to handle this job. Next thing you know, your systems are updated to the new rev 5 controls, and it all happens within a few clicks.

Applying 800-53B (Rev.5) Baselines

In October 2020, NIST released its SP 800-53B publication for control baselines of information systems and organizations in conjunction with SP 800-53 Rev. 5. Understanding that Rev. 5 will take effect in Sept 2021, Q-Compliance V3.7.0 will allow you to apply these baselines to your new or existing systems, starting now. In just a few clicks, Q-Compliance applies all the necessary controls to your system, whether it’s choosing the low, moderate, or high-level baselines!

Control Data Coverage Usability

Data is the fuel that drives the capabilities in Q-Compliance. As such, we provide analytics that allow you to identify the necessary data to enable continuous monitoring of your controls. In Q-Compliance V3.7.0, we’ve added features to our Control Monitoring Coverage to keep track of historical data and allow you to export all the control information on that dashboard out into a CSV file. Now, you can get all of the control status information in your own hands!

POA&M Management Enhancements

We know that Plan of Actions and Milestones remain a critical component of any organization’s compliance processes, and that keeping track of POA&Ms can become burdensome. That’s why we’ve enhanced the POA&M Overview dashboard for interaction, allowing you to create, edit, or view specific POA&Ms in more detail and navigate directly to the control page if needed. In addition, you can also create new POA&Ms for your system directly from the System Actions dashboard.

Other Enhancements

Other enhancements in Q-Compliance V3.7.0 include usability enhancements on the Control Compliance Hub, improvements in eMASS integration capabilities, enhancements on the System Management page, as well as various bug fixes. For more details on any of these other features or to see a demo, please contact

Others have also read ...


What is ISO 27001 Compliance?

ISO 27001 compliance involves adhering to the international standard for information security management systems (ISMS). This standard provides a systematic approach to managing sensitive information and ensuring data security.

Qmulos’ platform supports ISO 27001 compliance by automating the processes required to implement and maintain an ISMS. Our solutions provide real-time visibility into compliance status, ensuring that organizations can continuously meet the requirements of the standard.

Read More »

Qmulos Recognized in 2024 Splunk Regional Partner Awards

Qmulos Named 2024 Regional Partner of the Year Winner for Outstanding Public Sector
Partnership – Qmulos, a next-generation compliance, security and risk management automation provider, announced today it has received the 2024 Regional Partner of the Year award for exceptional performance and commitment to their Splunk partnership.

Read More »

What is Continuous Authority to Operate (cATO)?

Continuous Authority to Operate (cATO) is a dynamic and ongoing process for maintaining the authorization to operate IT systems within a federal agency. Unlike traditional ATO processes, cATO involves continuous monitoring and assessment of security controls to ensure compliance.

Qmulos supports cATO by providing continuous monitoring and real-time reporting capabilities. Our platform enables federal agencies to maintain their ATO status by continuously assessing and addressing security controls and compliance requirements.

Read More »

What is M-21-31 Compliance Automation?

M-21-31 compliance automation refers to automating the processes required to comply with the U.S. Office of Management and Budget’s (OMB) memorandum M-21-31. This memorandum outlines requirements for federal agencies to implement zero trust architecture and modernize cybersecurity defenses.

Qmulos offers solutions that help organizations automate M-21-31 compliance, providing real-time visibility and reporting capabilities. Our platform ensures that organizations can efficiently meet the requirements of the memorandum and enhance their cybersecurity posture.

Read More »

What is Compliance Workflow Automation?

Compliance workflow automation involves using technology to automate the processes and tasks involved in managing compliance. This includes automating data collection, reporting, and monitoring to streamline compliance activities and reduce manual effort.

Qmulos provides comprehensive compliance workflow automation solutions that enhance efficiency and accuracy in compliance management. Our platform automates key compliance processes, enabling organizations to focus on strategic initiatives and maintain continuous compliance.

Read More »

What is IT Risk Management?

IT risk management is the process of identifying, assessing, and mitigating risks associated with an organization’s information technology systems. This includes managing risks related to data breaches, cyberattacks, and system failures.

Qmulos’ IT risk management solutions integrate risk assessment and management into our broader compliance platform. Our approach ensures that organizations can effectively identify and mitigate IT risks while maintaining compliance with regulatory requirements.

Read More »

Request a Demo

Learn how QMULOS can help your company grow by scheduling a demo with our team.