Scribd Logo
Upload

Welcome to Scribd!

  • Evidence Collection Portal Update

    Uploaded by

    Kundan Kadam
    18 views6 pages
    Evidence Collection Portal Update

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Evidence Collection Portal Update

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    18 views6 pages

    Evidence Collection Portal Update

    Uploaded by

    Kundan Kadam
    Evidence Collection Portal Update

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    Portal

    1.
    2.
    3.
    4.
    5.

    Update
    Dashboard
    Review Module Access
    Various Module Access
    Web-forms
    Policies

    Various Module Access


    We need to make sure members of ControlCase and Client groups have proper
    access on:
    a. Various modules
    b. Tree folders on Review Module
    c. Default module when they login Starting Tab
    Module Access:
    Module

    Sub-module

    Path

    Remediati
    on

    Module Access
    Admin
    Remediation
    Access Module

    Assets

    Module Access
    Admin
    Assets
    Access Module

    Review

    Module Access
    Admin
    Review
    Access Module

    Calendar

    Module Access
    Admin
    Calendar
    Access Module

    Security
    Scan

    Module Access
    Admin
    Security Scan
    Access Module
    qualysEditExeReportCom

    Module Access

    Group
    Allow
    Admin
    ControlCas
    e
    ClientGrou
    p
    Admin
    ControlCas
    e
    ClientGrou
    p
    Admin
    ControlCas
    e
    ClientGrou
    p
    Admin
    ControlCas
    e
    ClientGrou
    p
    Admin
    ControlCas
    e
    ClientGrou
    p
    Admin

    Group Deny
    RinHub

    RinHub

    RinHub

    RinHub

    RinHub

    RinHub

    ments

    qualysEditExeReportForm

    Policies

    ManagePolicyDocument

    DistributePolicies

    MapPoliciesWithControls

    RecreatePolicies

    Assessme
    nt

    Reporting

    Admin
    Security Scan
    QualysEditExecutiveRepor
    t
    qualysEditExeReportCom
    ments
    Module Access
    Admin
    Security Scan
    QualysEditExecutiveRepor
    t
    Module Access
    Admin
    Policies
    Access Module
    qualysEditExeReportForm
    Module Access
    Admin
    Policies
    Manage
    ManagePolicyDocument
    Module Access
    Admin
    Policies
    Manage
    DistributePolicies
    Module Access
    Admin
    Policies
    Manage
    MapPoliciesWithControls
    Module Access
    Admin
    Policies
    Manage
    RecreatePolicies
    Module Access
    Admin
    Assessment
    Access Module
    Module Access
    Admin
    Reporting

    ControlCas
    e
    ClientGrou
    p

    Admin
    ControlCas
    e

    RinHub,
    ClientGroup

    Admin
    ControlCas
    e
    ClientGrou
    p
    Admin
    ControlCas
    e
    ClientGrou
    p
    Admin
    ControlCas
    e
    ClientGrou
    p
    Admin
    ControlCas
    e

    RinHub

    Admin

    RinHub
    ClientGroup
    ControlCase

    Admin
    ControlCas
    e
    ClientGrou
    p
    Admin
    ControlCas
    e

    RinHub

    RinHub

    RinHub

    RinHub
    ClientGroup

    RinHub

    Access Module
    Vendors

    Assessme
    nt Admin

    Setting

    Module Access
    Admin
    Vendors
    Access Module

    ClientGrou
    p
    Admin
    ControlCas
    e
    ClientGrou
    p
    Sup Admin
    QA admin

    Sup Admin
    QA admin

    Starting Tab
    Whenever a new user is created, the starting tab is set to Remediation by default.
    We need to change it make it to Dashboard.
    User Admin Miscellaneous Change Starting tab
    From Module dropdown select Dashboard. On the Users multi-select box check all
    the users and click update.

    RinHub

    Policies (To be done for portal below ClientK1047)


    We need to check first whether the portal is already updated or not. This can be
    easily identified from Module Access tab:
    Module Access Policies Manage
    If the setting RecreatePolicies is already there, that means the portal is updated. We
    just need to make sure the below steps are done properly. If all are in place, double
    check permissions mentioned in Step 3.
    For Kboxes above K1047 only Step 3 is required where we need to make sure proper
    permission is set for ControlCase and Client groups.
    Step 1: Delete the existing standard mapping between ISO to PCI
    Settings Tab Configuration Standards Mapping

    Step 2: Create a Standard mapping between ISO to PCI using attached xml file.

    ISO.XML

    Settings Tab Configuration Standards Mapping Import Standards Mapping


    Source: ISO IEC 27002 ISO IEC 17799:2005 E
    Destination: PCI_DSS_2_0
    Mapping Name: ISO 27002 to PCI DSS 2_0
    Input File: Attached XML

    Step 3: Provide Module access to Policies Tab and other policy features
    Module Access Tab Policies Access module
    Make sure groups ControlCase, Admin and ClientGroup has access to Policies
    Module

    Other features:
    Module Access Tab Policies Manage
    a. ManagePolicyDocument - groups ControlCase, Admin and ClientGroup
    b. DistributePolicies - groups ControlCase, Admin and ClientGroup
    c. MapPoliciesWithControls - groups ControlCase, Admin
    d. RecreatePolicies - groups ControlCase, Admin
    Step 4: Flush old policies and upload new policies
    Once the above steps are done, the Policy module will look like below:

    Policies Tab Recreate Policies

    Use the attached CSV file to import the updated policy mapping

    Upload_Policies.csv

    a. Policy Document Location: C:\PCI_Policies


    b. Select Policy Mapping file: Attached CSV (Upload_Policies.csv)

    You might also like