Microsoft System Center 2012 R2 Compliance Management Cookbook

Book Image

Microsoft System Center 2012 R2 Compliance Management Cookbook

By : Andreas Baumgarten (USD), Susan Roesner, Ronnie Isherwood

Book Image

Microsoft System Center 2012 R2 Compliance Management Cookbook

By: Andreas Baumgarten (USD), Susan Roesner, Ronnie Isherwood

Overview of this book

Microsoft System Center 2012 R2 Compliance Management Cookbook

Microsoft System Center 2012 R2 Compliance Management Cookbook

Credits

About the Authors

About the Authors

About the Reviewers

About the Reviewers

www.PacktPub.com

www.PacktPub.com

Preface

Free Chapter

Starting the Compliance Process for Small Businesses

Starting the Compliance Process for Small Businesses

Planning the scope of a basic compliance program

Understanding possible controls for compliance

Evaluating the efforts of controls

Bringing it all together into a basic compliance program

Implementing the First Steps of Basic Compliance

Implementing the First Steps of Basic Compliance

Preparing for the creation of a compliance baseline

Installing Security Compliance Manager

Creating a compliance baseline using GPO to ensure system security

Implementing the GPO baseline in Active Directory

Enhancing the Basic Compliance Program Using Microsoft System Center 2012 Configuration Manager

Enhancing the Basic Compliance Program Using Microsoft System Center 2012 Configuration Manager

Configuring Microsoft System Center 2012 Configuration Manager for compliance

Creating a baseline to monitor for unapproved software

Creating a baseline to monitor for unapproved hardware and virtual systems

Using Security Compliance Manager baselines in Microsoft System Center 2012 Configuration Manager

Monitoring the Basic Compliance Program

Monitoring the Basic Compliance Program

Planning a compliance program for Microsoft System Center 2012 Operations Manager

Adding a compliance program monitor in Microsoft System Center 2012 Operations Manager

Installing Microsoft System Center 2012 Operations Manager Audit Collection Services to support the compliance program

Configuring a compliance program in Microsoft System Center 2012 Operations Manager Audit Collection Services

Starting an Enterprise Compliance Program

Starting an Enterprise Compliance Program

Using project management in your compliance approach

Understanding management support

Defining your communication approach

Planning the risk assessment approach

Planning documentation requirements

Defining your test approach

Planning a Compliance Program in Microsoft System Center 2012

Planning a Compliance Program in Microsoft System Center 2012

Understanding the responsibilities of the System Center 2012 tools

Planning the implementation of Microsoft System Center 2012 Service Manager

Planning the connection of the System Center 2012 components

Planning and defining the responsibilities for a compliance program

Planning System Center Service Manager 2012 related settings and configuration

Planning and defining compliance reports

Configuring a Compliance Program in Microsoft System Center 2012 Service Manager

Configuring a Compliance Program in Microsoft System Center 2012 Service Manager

Configuring connectors in System Center 2012 Service Manager to support a compliance program

Adding Configuration Items manually in System Center 2012 Service Manager to support a compliance program

Configuring compliance process Incident Classification Categories in System Center 2012 Service Manager

Adding support groups in System Center 2012 Service Manager to support the compliance program

Creating compliance program Incident templates in System Center 2012 Service Manager

Automating Compliance Processes with Microsoft System Center 2012

Automating Compliance Processes with Microsoft System Center 2012

Planning the automation of the compliance management process

Configuring compliance program notification in Microsoft System Center 2012 Service Manager

Forwarding of compliance program-related alerts

Forwarding compliance program-related Compliance Settings Management issues

Reporting on Compliance with System Center 2012

Reporting on Compliance with System Center 2012

Planning compliance reporting in Microsoft System Center 2012

Generating compliance program reports in Microsoft System Center 2012 Configuration Manager

Generating compliance program reports in Microsoft System Center 2012 Operations Manager Audit Collection Service

Generating compliance program reports in Microsoft System Center 2012 Service Manager

Useful Websites and Community Resources

Useful Websites and Community Resources

Compliance and System Center Partner tools

Authors' community blogs

Useful System Center community blogs

Useful Security/Compliance community blogs

Frameworks, standards, and processes

Official websites on compliance requirements

Valuable community forums and user groups

Microsoft TechNet Information

Social network resources

Index

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Planning the risk assessment approach

This recipe addresses risk assessment, including the definition of risks and threats that will influence your decision on the control objectives and activities you choose. The recipe provides further advice on control selections.

There are several reasons for using a risk assessment approach for your compliance program.

The first reason is already mentioned in recipe 1 step 2. There are several regulatory requirements of which risk assessment is an integral part.

The second reason is that risk assessment allows you to have a systematic approach to your control selection. Risk assessment will make you aware of the kind of risks, threats, and vulnerabilities your company faces with respect to its sensitive data, information systems, employees, and so on. This will provide several advantages to your business. First, you have a better understanding of the true costs of the product you offer. Second, as part of risk assessment, you not only examine the asset...