Working with Regulations

The Regulations pane shows the status of Security Best Practices related to regulatory standards.

To work with regulations and their status:

1. On the Compliance tab, click Regulatory Requirements.
2. Select a regulatory standard.

The selected regulatory standard pane opens.

The top table shows the status of pending Action Items:

• ID - ID of the related Security Best Practice.
• Status - Low, Medium, High, Compliant, or N/A.

  We recommend that you resolve Low status items immediately.

• Name - Name and brief description of the Security Best Practice.

The bottom section shows information about the selected regulations:

• Relevant Security Best Practices - Security Best Practices included in the selected regulatory standard.
• Relevant Objects - Objects related to the selected Security Best Practice and their status. (Shows when the selected Security Best Practice applies to specified objects.)

Activating and Deactivating Regulations

You can select the regulatory standards that are applicable to your organization. By default, all supported regulatory standards are active.

To activate or deactivate regulatory standards:

1. In the navigation tree, click Settings.
2. Select the regulatory standards that are applicable for your organization.
3. Clear the regulatory standards that are not applicable for your organization.

Creating User-Defined Regulations

You can define your own Regulations and Regulatory Requirements.

To define a new Regulation:

1. In the Compliance tab, go to Advanced > Settings.
2. In the Settings pane, click New.
3. Enter this information in the applicable fields:
   • Regulation Full Name - Full name of the new regulation
   • Regulation Short Name - Short name to show in the Audit reports and user interface.
   • Description - Detailed description of the regulation that shows in some panes
4. In the Regulation/Standard window, click New to create a new Regulatory Requirement.
5. Enter this information in the applicable fields:
   • Requirement ID - Unique identification string
   • Requirement Description - Detailed description of the Regulatory Requirement
6. Double-click one or more Security Best Practices to add them to the Regulatory Requirement.

   Note: You can also copy and paste new Regulatory Requirements from external applications or import them from an XML file.

7. Click Save.

To change a user-defined regulation

1. In the Compliance tab, go to Advanced > Settings.
2. Double-click a user-defined regulation.
3. Make changes to the definition as necessary, as shown in the above procedure.

   You can add, remove or create new regulatory standards as necessary.

Copying and Pasting Regulatory Requirements

You can copy and paste new Regulatory Requirements to a Regulation from an external source, such as Microsoft Word© or Microsoft Excel©. The information must be in a two-column table, where the first column is the Requirement ID and the second column is the Requirement Description. The Requirement IDs must be unique.

To copy and paste Regulatory Requirements from an external application:

1. Create the two-column table in your application without headings.
2. Copy the table.
3. In the Edit Regulation/Standard window, click Paste.

Importing and Exporting User-Defined Regulations

You can import and export user-defined Regulations. You can also make clones of both Check Point and user-defined Regulations. These features let you create new Regulations based on existing Regulations. The Clone feature lets you create a new user-defined Regulation based on a Check Point Regulation.

To Export a User-Defined Regulation:

1. Go to Advanced > Settings.
2. Select a Regulation.
3. Select Actions > Export.
4. Enter an XML file name and path.
5. Click Save.

To Import a User-Defined Regulation:

1. Go to Advanced > Settings.
2. Select Actions > Import.
3. Select the XML file to import.

The is imported as a new Regulation to the User-defined section. If the Regulation already exists, a new regulation is created with a number appended to the name. You can change this Regulation as necessary.

To create a clone of a Regulation:

1. Go to Advanced > Settings.
2. Select a Regulation (User-defined or Check Point.
3. Select Actions > Clone.

The Regulation is added to the User-defined section. If the Regulation already exists, a new regulation is created with a number appended to the name. You can change this Regulation as necessary.