Welcome to

Policy Audit Help

Policy Audit is a tool that automates every stage of the audit process and enables you to be continuously audit-ready.

Overview

In today’s rapidly shifting regulatory landscape, audits are no longer a periodic event, they are a continuous requirement. Whether it is SOX, ISO 27001, PCI DSS, DORA, or any number of evolving global frameworks, organizations are under constant pressure to demonstrate that they’re secure, compliant, and in control.

Thats why modern compliance programs must go beyond checklists. Today, audit readiness is a business-critical capability—one that enables organizations to move faster, stay competitive, and operate with confidence amid rising regulatory expectations. 

In response to these challenges, Qualys Policy Audit sets a new benchmark for how organizations achieve and maintain continuous audit readiness.

Key Features

Seamless onboarding process

⟳

Step-by-step guidance on the onboarding process to deploy, configure, and align evidence to your compliance mandates.

Learn More →

Enhanced dashboard

⟳

Explore widgets that simplify navigation and bring key insights to the forefront.

Learn More →

Audit Readiness Report

⟳

Always stay audit ready with continuous and automatic evidence collection with intelligent mapping to relevant regulatory frameworks.

Learn More →

Software Management

⟳

Automate software management by installing or uninstalling applications across assets with CAR.

Learn More →

Integration with Vulnerability Management, Detection, & Response

⟳

Enhance vulnerability management with CAR by creating Custom QIDs to detect organization-specific security needs.

Learn More →

Integration with Policy Audit

⟳

Enhance your compliance posture with script-based user-defined controls.

Learn More →

CAR Journey 

Follow the CAR Journey to understand how automated assessments and seamless script execution work.

1

Create Script

Build custom scripts to assess or remediate vulnerabilities.
2

Test Script

Validate scripts on lab assets to ensure correct execution.
3

Review and Approve Script

Get scripts reviewed and approved before use.
4

Execute Script

Run or schedule approved scripts for remediation.

Get Started

Prerequisites

Before using CAR, ensure the application is enabled for your subscription and the required Qualys Cloud Agent version is installed for Windows or Linux.

Learn More →

Role-based Access Control (RBAC)

Ensure user roles are properly defined, as CAR uses RBAC permissions to control specific script operations.

Learn More →

Supported Scripting Languages

CAR supports the various scripting languages, allowing you to create custom scripts that best fit your environment and remediation needs.

Learn More →

CAR APIs

Get started with CAR APIs to automate custom workflows and integrations.

Learn More →

Ready to Get Started with CAR?

Begin your journey with Custom Assessment and Remediation. Learn how to start creating scripts.

Get Started Now →

Looking for something else?

Get the most out of your Qualys CAR with these helpful resources.

© 2025 Qualys, Inc. All rights reserved. Privacy Policy

Last updated: December, 2025

 

© 2025 Qualys, Inc. All rights reserved. Privacy Policy. Last updated: December, 2025