Compliance
compliance
The Compliance object contains information about Industry and Regulatory Framework standards, controls and requirements or details about custom assessments utilized in a compliance evaluation. Standards define broad security frameworks, controls represent specific security requirements within those frameworks, and checks are the testable verification points used to determine if controls are properly implemented.
Attributes
| Caption | Name | Type | Description |
|---|---|---|---|
| Assessments | assessments | Assessment[] | A list of assessments associated with the compliance requirements evaluation. |
| Category | category | String | The category a control framework pertains to, as reported by the source tool, such as Asset Management or Risk Assessment. |
| Compliance Checks | checks | Check[] | A list of compliance checks associated with specific industry standards or frameworks. Each check represents an individual rule or requirement that has been evaluated against a target device. Checks typically include details such as the check name (e.g., CIS: 'Ensure mounting of cramfs filesystems is disabled' or DISA STIG descriptive titles), unique identifiers (such as CIS identifier '1.1.1.1' or DISA STIG identifier 'V-230234'), descriptions (detailed explanations of security requirements or vulnerability discussions), and version information. |
| Compliance Standard References | compliance_references | KB Article[] | A list of reference KB articles that provide information to help organizations understand, interpret, and implement compliance standards. They provide guidance, best practices, and examples.
|
| Compliance Standards: Details | compliance_standards | KB Article[] | A list of established guidelines or criteria that define specific requirements an organization must follow.
|
| Security Control | control | String | A Control is a prescriptive, actionable set of specifications that strengthens device posture. The control specifies required security measures, while the specific implementation values are defined in control_parameters. E.g., CIS AWS Foundations Benchmark 1.2.0 - Control 2.1 - Ensure CloudTrail is enabled in all regions |
| Control Parameters | control_parameters | Key:Value object[] | The list of control parameters evaluated in a Compliance check. E.g., parameters for CloudTrail configuration might include multiRegionTrailEnabled: true, logFileValidationEnabled: true, and requiredRegions: [us-east-1, us-west-2] |
| Description | desc | String | The description or criteria of a control. |
| Raw Data | raw_data | JSON | Group: |
| Record ID | record_id | String | Group: |
| Compliance Requirements | requirements | String[] | The specific compliance requirements being evaluated. E.g., PCI DSS Requirement 8.2.3 - Passwords must meet minimum complexity requirements or HIPAA Security Rule 164.312(a)(2)(iv) - Implement encryption and decryption mechanisms |
| Compliance Standards: List | standards | String[] | The regulatory or industry standards being evaluated for compliance. |
| Status | status | String | The resultant status of the compliance check normalized to the caption of the status_id value. In the case of 'Other', it is defined by the event source. |
| Status Code | status_code | String | The resultant status code of the compliance check. |
| Status Detail | status_detail | String | The contextual description of the status, status_code values.
|
| Status Details | status_details | String[] | A list of contextual descriptions of the status, status_code values. |
| Status ID | status_id | Integer | The normalized status identifier of the compliance check.
|
| Unmapped | unmapped | Unmapped[] | Data from the source that was not mapped into the schema. |
Relationships
Inbound Relationships
These objects and events reference Compliance in their attributes:
Outbound Relationships
Compliance references the following objects and events in its attributes:
This page describes qdm-1.5.1+ocsf-1.6.0
Updated 13 days ago