Microsoft System Center 2012 R2 Compliance Management Cookbook

Book Image

Microsoft System Center 2012 R2 Compliance Management Cookbook

By : Andreas Baumgarten (USD), Susan Roesner, Ronnie Isherwood

Book Image

Microsoft System Center 2012 R2 Compliance Management Cookbook

By: Andreas Baumgarten (USD), Susan Roesner, Ronnie Isherwood

Overview of this book

Microsoft System Center 2012 R2 Compliance Management Cookbook

Microsoft System Center 2012 R2 Compliance Management Cookbook

Credits

About the Authors

About the Authors

About the Reviewers

About the Reviewers

www.PacktPub.com

www.PacktPub.com

Preface

Free Chapter

Starting the Compliance Process for Small Businesses

Starting the Compliance Process for Small Businesses

Planning the scope of a basic compliance program

Understanding possible controls for compliance

Evaluating the efforts of controls

Bringing it all together into a basic compliance program

Implementing the First Steps of Basic Compliance

Implementing the First Steps of Basic Compliance

Preparing for the creation of a compliance baseline

Installing Security Compliance Manager

Creating a compliance baseline using GPO to ensure system security

Implementing the GPO baseline in Active Directory

Enhancing the Basic Compliance Program Using Microsoft System Center 2012 Configuration Manager

Enhancing the Basic Compliance Program Using Microsoft System Center 2012 Configuration Manager

Configuring Microsoft System Center 2012 Configuration Manager for compliance

Creating a baseline to monitor for unapproved software

Creating a baseline to monitor for unapproved hardware and virtual systems

Using Security Compliance Manager baselines in Microsoft System Center 2012 Configuration Manager

Monitoring the Basic Compliance Program

Monitoring the Basic Compliance Program

Planning a compliance program for Microsoft System Center 2012 Operations Manager

Adding a compliance program monitor in Microsoft System Center 2012 Operations Manager

Installing Microsoft System Center 2012 Operations Manager Audit Collection Services to support the compliance program

Configuring a compliance program in Microsoft System Center 2012 Operations Manager Audit Collection Services

Starting an Enterprise Compliance Program

Starting an Enterprise Compliance Program

Using project management in your compliance approach

Understanding management support

Defining your communication approach

Planning the risk assessment approach

Planning documentation requirements

Defining your test approach

Planning a Compliance Program in Microsoft System Center 2012

Planning a Compliance Program in Microsoft System Center 2012

Understanding the responsibilities of the System Center 2012 tools

Planning the implementation of Microsoft System Center 2012 Service Manager

Planning the connection of the System Center 2012 components

Planning and defining the responsibilities for a compliance program

Planning System Center Service Manager 2012 related settings and configuration

Planning and defining compliance reports

Configuring a Compliance Program in Microsoft System Center 2012 Service Manager

Configuring a Compliance Program in Microsoft System Center 2012 Service Manager

Configuring connectors in System Center 2012 Service Manager to support a compliance program

Adding Configuration Items manually in System Center 2012 Service Manager to support a compliance program

Configuring compliance process Incident Classification Categories in System Center 2012 Service Manager

Adding support groups in System Center 2012 Service Manager to support the compliance program

Creating compliance program Incident templates in System Center 2012 Service Manager

Automating Compliance Processes with Microsoft System Center 2012

Automating Compliance Processes with Microsoft System Center 2012

Planning the automation of the compliance management process

Configuring compliance program notification in Microsoft System Center 2012 Service Manager

Forwarding of compliance program-related alerts

Forwarding compliance program-related Compliance Settings Management issues

Reporting on Compliance with System Center 2012

Reporting on Compliance with System Center 2012

Planning compliance reporting in Microsoft System Center 2012

Generating compliance program reports in Microsoft System Center 2012 Configuration Manager

Generating compliance program reports in Microsoft System Center 2012 Operations Manager Audit Collection Service

Generating compliance program reports in Microsoft System Center 2012 Service Manager

Useful Websites and Community Resources

Useful Websites and Community Resources

Compliance and System Center Partner tools

Authors' community blogs

Useful System Center community blogs

Useful Security/Compliance community blogs

Frameworks, standards, and processes

Official websites on compliance requirements

Valuable community forums and user groups

Microsoft TechNet Information

Social network resources

Index

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Defining your test approach

This recipe focuses on answering the question about the effectiveness of your compliance program. You must perform periodic tests to determine whether your control objectives are truly met by the controls you implemented. If there is a problem that appears again and again in your test, you should know that you must redesign it. Without periodic tests, you will never be able to find the problems.

It is just like traffic; everyone sees the speed limit signs but, without periodic controls by the police, many people would simply ignore them, even though we know that driving above the speed limit could lead to undesired consequences.

Getting ready

You must have your controls documented and truly understand the goals you try to achieve. In addition, you must know the risks your company is willing to accept.

How to do it...

The following illustration provides an example of the process and the steps required while conducting compliance tests:

The diagram is explained as follows...