Generating and Tracking Compliance

OpenRMF^® Professional can generate and track your cyber compliance across your default controls, tailored controls and overlays. This is done by our compliance engine that relates all checklists, vulnerabilities, CCIs and controls together with status to show percentage compliant against your required controls.

Generating Compliance

You can generate and save compliance snapshots over time within the Compliance area of OpenRMF^® Professional. You also can chart the compliance summary score by NIST control family or control and subcontrol in the reports area as well. To view more detailed information visit the Generating Compliance Help.

Compliance Statements

You can add and edit compliance statements for Control / CCI combinations required for your system package in OpenRMF^® Professional. These statements are combined with checklist vulnerability information from scans and custom checklists you create to form your true system package compliance. To view more detailed information visit the Compliance Statements Help.

Tailoring Controls

You can use the default controls required based on your RMF or FedRAMP levels of low, moderate, high, etc. You also can tailor those controls to specific ones you are required to meet based on all available controls as well. To view more detailed information visit the Tailoring Controls Help.

Managing Overlays

In addition to using default controls or tailoring your main controls, you can add overlays to match groups of controls you must comply with for specific purposes. To view more detailed information visit the Overlays Help.

Managing Inheritance

In addition to using default controls or tailoring your main controls, you can reference inherited controls from other system packages within the OpenRMF^® Professional installation. To view more detailed information visit the Inheritance Help.