What are the steps?
It's easy to create a custom template. Just go to Reports > Templates and:
1) select STIG Template.
2) configure the report template settings.
Tell me about the report layoutTell me about the report layout
Define what all information you want to display in your report.
You can view results as per STIG ID, and Rule IDs or Vuln IDs provided in the DISA benchmarks:
What are STIG Postures?
Each STIG rule is associated with one or more controls. Posture is calculated based on the status of associated controls.
Types of postures:
| Type | Rules with Single control | Rules with Multiple controls |
| Compliant | Control status is Pass | Status for all controls is Pass |
| Non-compliant | Control status is Fail or Error | Status for even one control is Fail or Error |
| Not Scored | Control status is Not Applicable | Status for even one control Not Applicable |
For rules with multiple controls, the posture is considered to be Not Scored if at least one of the controls associated with the rule does not have a status, i.e. one of them is not part of the policy used to generate STIG report or the control is not mapped to any rule in the STIG framework but is part of the policy.
What is STIG severity?
Severity category indicates the risk level associated with an information assurance (IA) control or IA best practice security weakness and provides a sense of urgency for corrective action.
I need help with the STIG template settingsI need help with the STIG template settings
Tell me more about:
Make this a globally available template 
Make this a globally available template
Managers and Unit Managers can select this option to make the template globally available to all users. Once published as a global template, users have the option to save personal copies of the template and can use them as the basis for creating new, custom templates.
Permissions: When is option is selected by a Unit Manager, the template is available to users in their own business unit.
Tell me about the ownerTell me about the owner
The user who created the report template is the owner by default. Managers and Unit Managers have the option to change the owner by editing the template.
> Owner of Gobal Report Template> Owner of Gobal Report Template
Global report templates may be owned by Managers and Unit Managers.
|
User Taking Action |
Current Owner |
Possible New Owner |
|
Manager |
Manager in the Unassigned business unit |
Manager in the Unassigned business unit |
|
Manager |
Unit Manager in a custom business unit |
Manager in the Unassigned business unit |
|
Unit Manager |
Unit Manager in a custom business unit |
Unit Manager in the same business unit as the current owner |
> Owner of Non-Global Report Template> Owner of Non-Global Report Template
Non-global report templates may be owned by Managers, Unit Managers, Scanners and Readers.
|
User Taking Action |
Current Owner |
Possible New Owner |
|
Manager |
Manager, Scanner or Reader in the Unassigned business unit |
Manager, Scanner or Reader in the Unassigned business unit |
|
Manager |
Unit Manager, Scanner or Reader in a custom business unit |
Manager in the Unassigned business unit |
|
Unit Manager |
Unit Manager, Scanner or Reader in a custom business unit |
Unit Manager, Scanner or Reader in the same business unit as the current owner |
Tell me about the custom footerTell me about the custom footer
This is a spot where you can add required information like a disclosure statement or data classification (e.g. Public, Confidential). The text you enter will appear in all reports generated from this template, except reports in XML and CSV formats.