What is a Compliance Standard?
A compliance standard groups together compliance checks. Compliance standards can align with established security guidelines, if desired. For example, you could have a NIST compliance standard containing compliance checks reviewing resources for alignment with NIST security guidelines.
Compliance standards are added to cloud rules, which are in turn applied to an OU or project. All resources within that OU or project are subject to the compliance checks included in the compliance standard.
Compliance in Kion is made up of three pieces: compliance findings, compliance checks, and compliance standards.
- Findings identify specific resources that are not compliant. Findings cannot exist without checks, because checks define what is and isn't compliant. A check asks whether a resource is compliant, and a finding is the answer to that question.
- Checks contain definitions for compliance that findings are based on.
- Standards group together related checks to meet larger compliance goals, guidelines, or requirements.
- To create a compliance standard, see Add a Compliance Standard.
We also provide easy-to-import, pre-made collections of compliance standards for many compliance frameworks. For more information, see Managed Resources & Compliance Jumpstarts.
- To add compliance standards to a cloud rule and apply the cloud rule to a project or OU, see Add a Cloud Rule.