Manage Your Policies

How do I create a new policy?

Identify active and inactive policies

When are policies evaluated?

How do I deactivate a policy?

Can I export my policies?

What happens once I deactivate a policy?

Tell me about locked policies

How do I activate a policy?

Want to lock your own policy?

What happens when a policy is re-activated?


How do I create a new policy?

Go to PC > Policies > New > Policy. Then choose one of these options: 1) start with an empty policy and build it from scratch, 2) create a policy based on scan data from an existing host, 3) import a policy from our Library or 4) import a policy from an XML file. We'll walk you through the steps.

By default your new policy will be active, which means it is available for scanning and reporting from the time it is created. To create an inactive policy, simply clear the "Activate this policy" check box and the new policy will be saved as inactive. It’s easy to activate it at a later time.

When are policies evaluated?

We always evaluate policies when new scan results are processed for the hosts in your policy. You can also start policy evaluation when saving changes to a policy (just click Evaluate now before hitting Save) or anytime from the policies list (choose the Evaluate action). You'll see the date/time of the last policy evaluation in the preview pane of the policies list.

Can I export my policies?

Yes, by exporting a compliance policy to XML or CSV, you can easily share the policy with other users. Users can import policies that are in XML format into their subscription. Learn more

Tell me about locked policies in the library

Our library includes locked policies for testing compliance against specific CIS benchmarks. These policies have been reviewed and certified by CIS (the Center for Internet Security). When a policy is locked, you can add hosts to the policy but you can't make any other edits. (Tip - During the import you'll have the option to import the locked policy as unlocked. This lets you remove the editing restrictions.)

Want to lock your own policy?

This prevents others from editing it. Policies locked by a user can be easily identified by this icon Locked Policy Icon  Learn More

Tell me the steps. Go to your policies list and choose the action you want to take from the Quick Actions menu - Lock or Unlock. Use the Actions menu to take action on multiple policies in one go. Tip - You can also do this from within the Policy Editor.

Identify active and inactive policies

You can easily identify the policy status by the following icons: Active Policy Icon means Active Policy and Inactive Policy Icon means Inactive Policy.

How do I deactivate a policy?

Go to PC > Policies and identify the policy you want to deactivate. Then choose Deactivate from the Quick Actions menu. Tip - You can also deactivate the policy from within the Policy Editor.

What happens once I deactivate a policy?

Posture evaluation will not take place for the policy. The policy will be hidden from your dashboard, reports and exceptions. The policy will be removed from compliance scorecard reports and from option profiles (with the Scan by Policy option enabled). Any policy report schedules for the policy will also be deactivated.

How do I activate a policy?

Go to PC > Policies and identify the policy you want to activate. Then choose Activate from the Quick Actions menu. Tip - You can also activate the policy from within the Policy Editor. By default, any new policy is marked active.

What happens when a policy is re-activated?

Posture evaluation will resume and the policy will be available again for scanning and reporting. You’ll need to manually re-activate the report schedules however the policy will be pre-selected for you. You need to also add the policy back to your scorecard reports and option profiles, manually.