Import Compliance Policy from XML

Import a policy directly into your account from an XML file.

What XML file can I import?

The XML file may be one that was exported from your account or one that was shared with you by another security professional.

How do I import a policy from an XML file?

Go to PC > Policies > New > Policy > Import from XML file. Follow the wizard to select an XML file to import and give your policy a name. By default, we'll only import the service-provided controls in the policy. Choose "Create user defined controls" to also import UDCs.

Once imported, the policy appears in your policies list where you can assign assets to the policy and customize the policy settings.

How does it work?

When you import a policy from an XML file, we perform several validation checks on the XML. If validation is successful, the policy is saved to your policies list. If validation fails, an error appears and the policy cannot be imported. Fix the XML and try again.

Is checksum verification performed?Is checksum verification performed?

This depends on when the policy was exported. If the policy was exported from 8.0 or later, then checksum verification is not required because the EVALUATE element does not include the checksum. If it was exported prior to 8.0, the checksum is validated to ensure that the evaluation logic hasn't been modified since it was exported. If the evaluation logic has changed then validation will fail.

Can I remove the EVALUATE element from the XML?Can I remove the EVALUATE element from the XML?

Yes. When EVALUATE is not present for a control, the control is automatically assigned the default control value from the controls library.

Don't have an XML file?

Check out the Compliance Policy Library. We have several policies you can import directly into your account. Learn more