Run the Compliance per Host Report

This report shows the compliance data based on a particular host or device in your system package. Choose the saved compliance to list the results and all data is returned for that host or device. It orders the information by certain NIST controls by major control. It then colors them to show if they comply (green) or if there are issues still open (red) per checklist that has a vulnerability that falls under that major control.

This is an extremely fast way to find compliance data on a specific host or device across all your checklists.

OpenRMF Professional Compliance per Host Report

Where the Data Comes From

This is a combination of vulnerability data from the report database for a system package by checklist, NIST 800-53 control data, and the CCI-xxxxxx numbers that hold the relationships between those two sets of data. It also reads in the vulnerability status to show if Not a Finding or Not Applicable (green) or if it is still Open (red). If it is Not Reviewed the checklist is highlighted in gray.

Why Run this Report

This report allows you to see your compliance at a high level by major control per host without sifting through all Compliance data run with the “Generate System Compliance” functionality. It reads the same data as the compliance generation it just does it by hostname or device name.