What is a Compliance Standard?

A compliance standard groups together compliance checks. Compliance standards can align with established security frameworks. For example, you could have a NIST compliance standard containing compliance checks reviewing resources for alignment with NIST security guidelines.

If you build standards around specific compliance frameworks, you can quickly see whether you are meeting each framework's requirements.

Compliance standards are applied to cloud rules, which are applied to OUs or projects. The compliance checks included in the standard are run against all resources within that OU or project.

Compliance in Kion is made up of three pieces: compliance standards, compliance checks, and compliance findings.

  • Standards group together related checks to meet larger compliance goals, guidelines, or requirements.
  • Checks contain definitions for compliance that findings are based on.
  • Findings identify specific resources that are not compliant. Findings cannot exist without checks, because checks define what is and isn't compliant. A check asks whether a resource is compliant, and a finding is the answer to that question.

What Next?