Create compliance policy
- On the menu sidebar, click Compliance policies.
-
On the Compliance policies page, click Create compliance policy, and then select the template the policy will be based on:
- Default template: A selection of compliance rules, with no actions defined.
- PCI template, HIPAA template: Compliance rules and actions based on the HIPAA and the PCI DSS security standard, respectively.
Your choice of template doesn’t restrict your subsequent configuration options.
-
Enter a name and, optionally, a description for the compliance policy.
- Repeat the following steps for all required platforms.
-
Make sure that the Enable platform check box on each tab is selected.
If this check box is not selected, devices of that platform are not checked for compliance.
-
Under Rule, configure the compliance rules for the particular platform.
Each compliance rule has a fixed severity level (high, medium, low) that is depicted by a blue icon. The severity helps you to assess the importance of each rule and the actions you should implement when it is violated.
-
Select Create alert to trigger an alert when a rule is violated.
The alerts are displayed on the Alerts page of Sophos Central Admin.
-
When you have made the settings for all required platforms, click Save to save the compliance policy under the name that you specified.