Follow

Reading Compliance Dashboard

NormShield aggregates compliance control results into a dashboard. The below image shows an example Compliance Dashboard;

As in the vulnerability management dashboard and continuous perimeter monitoring dashboard shown information are presented as row by row.

As always, the first row contains badges.

Starting from the left, the first badge includes the number of different standards that compliance controls refer to so far. For example PCI-DSS v3, PCI-DSS v2, CPE, CVE, HIPAA, etc.

The second badge contains the ratio of the assets with compliance control results over the assets (currently selected company or the whole company).

The third badge contains the ratio of the assets without any FAILED (not INCONCLUSIVE) controls over the assets with any compliance control results.

The fourth badge is the ratio of controls whose tickets have been opened over the number of total FAILED controls.

The fifth badge contains the number of overall control categories so far. Control categories contain controls' unique information such as name, description, mitigation as such.

The last badge contains the ratio of inconclusive controls over the total controls so far.

The second row contains three parts, starting from the left;

The first graph includes the compliance control historical trend with three different control status shown; inconclusive, failed and passed. Inconclusive status denotes any control that couldn't be classified as FAILED nor PASSED.

The second graph contains a heat map of label grouped number of controls against three statuses (inconclusive, failed and passed).

The last graph contains TOP 5 FAILED controls categories with their numbers respectively on each of them.

The last row contains five graphs, starting from the left;

The first graph is the status distribution of controls with their tickets already assigned to users.

The second graph is the status distribution of overall controls.

The third graph contains the bar chart of top 5 FAILED assets including their individual control status numbers.

The fourth graph is the completeness score of the compliance (for the selected company or overall companies) controls. This score is basically out of 100 and calculated by using the number of PASSED controls over the number of all controls.

Lastly the riskiest control ticket is the oldest days passed of a control whose ticket has been opened so far. This denotes the number of priority control that should be taken care of with a simple criteria.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk