XYGATE Compliance PRO (XSW) Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

141

142

143

144

145

146

147

148

149

150

XYGATE

Compliance PRO

™

Reference Manual

Chapter 6. Data Discovery Rules

XYPRO Technology Corporation 131 Proprietary and Confidential

6.5 Converting a Data Discovery Rule to a System Analysis Policy

If you click Set Policy for a Data Discovery rule on the results grid shown above, the

query will be converted to a policy.

Not every Data Discovery rule needs to become a policy. Some queries make an

instantaneous snapshot of the system, useful immediately but retention is not needed.

Some queries have too much data—tracking all that data would be burdensome. The

intention of Data Discovery is to find all occurrences that match criteria, the result of

which could be positive or negative. The intention of a system policy is to find

occurrences that are in violation (that is, negative) to a condition, such that a compliant

system policy will not find any violations.

In general, Data Discovery queries that highlight a small set of data of which some

significant portion of the rows have a negative impact on system security or

functionality provide the most value when converted to policies.

For example, a query that shows all of the licensed files on the system might be

converted to a policy. Of the rows returned, many will be valid uses of the license

feature and will be excluded from consideration. The rows that remain are negative;

they may document unauthorized licensed programs which are a security threat.

These remaining rows should be corrected, removed or excluded, and any new rows

should be tracked accordingly.

When you convert a Data Discovery query to a policy, every row in the query will

receive a policy tracking number. All of your actions, such as sending an email or

excluding the policy row from future consideration, will be logged. When new datasets

are created for the collection from which the query was derived that led to this policy,

the policy will be applied to the new dataset. Items that no longer meet the query will

be closed; new items that were not failures before will be opened.

To convert a Data Discovery Rule to a policy:

Select and expand the Data Discovery Rules

tree item, right-click a rule, and then select

Review Results.

2. When the Review Data Results screen

appears (see section 6.4), click Set Policy.

The System Policy Analyzer screen will

appear as shown below.