You can import policies directly to your account from our Compliance Policy Library.
The library includes policies that are based on popular compliance frameworks, including SOX, HIPAA, CoBIT and more.
Go to PC > Policies > New > Policy > Import from Library. Click on the policy you want and then click Next. Follow the wizard to give your policy a name and choose whether the policy should be locked or unlocked after import.
Tell me about locked policiesTell me about locked policies
Our library includes locked policies for testing compliance against specific CIS benchmarks. These policies have been reviewed and certified by CIS (the Center for Internet Security). When a policy is locked, you can add hosts to the policy but you can't make any other edits. (Tip - During the import you'll have the option to import the locked policy as unlocked. This lets you remove the editing restrictions.)
You can edit the policy to change the assigned asset groups. If the policy is unlocked, you can also change the title, technologies, controls, etc. If the policy is locked, no other changes are allowed. You can, however, save a copy of any locked policy with a new name and edit it as needed.
When there's a newer version of a policy available, the new version will be added to the Policy Compliance Library and the old version will be removed from the Library. You'll notice that each policy has a version number. Go to PC > Policies > New > Policy > Import from Library, select the policy version you're interested in and click Next to import it to your account. It's up to you whether you want to delete old policy versions from your account or keep them.
How do you know when there's a new policy version available? We announce Policy Compliance Library Updates at notifications.qualys.com on a regular basis. Follow Qualys notifications to get these updates.
You can also import a compliance policy from an XML file. Learn more