Standards provide the means for assessing the compliance of an asset. In Control Compliance Suite, a standard is a hierarchical organizational structure of sections and checks.
Control Compliance Suite makes available a set of predefined standards that are installed along with the product. These standards are mostly derived from some published guidelines by established organizations such as CIS or NSA.
The following technical standards are installed along with the base installation:
CIS Solaris 10 Benchmark v4.0
CIS Benchmark v1.1.2 for Red Hat Enterprise Linux 5.0 and 5.1
CIS Oracle Database Server 11g Security Benchmark v1.0.1
CIS Security Configuration Benchmark For Microsoft Windows Server 2008 and Windows Server 2008 R2 v1.1.0
Security Essentials for Microsoft SQL Server 2008
In addition to the technical standards, you can also install other standards. This standard executable is located at: Installset\CCS_Content\Setup.exe..
You can also create new standards that are based on your specific requirements.
In Control Compliance Suite, the standards hierarchy is explained as follows:
A standard contains one or more sections.
Each section can further contain other sections or checks.
A check is always contained within a section in a standard.