Import Compliance Policy from Library

You can import policies directly to your account from our Compliance Policy Library.

What types of policies are available?

The library includes policies that are based on popular compliance frameworks, including SOX, HIPAA, CoBIT and more.

How do I import a policy from the Library?

Go to PC > Policies > New > Policy > Import from Library. Click on the policy you want and then click Next. Follow the wizard to give your policy a name and choose whether the policy should be locked or unlocked after import.

Tell me about locked policiesTell me about locked policies

Our library includes locked policies for testing compliance against specific CIS benchmarks. These policies have been reviewed and certified by CIS (the Center for Internet Security). When a policy is locked, you can add hosts to the policy but you can't make any other edits. (Tip - During the import you'll have the option to import the locked policy as unlocked. This lets you remove the editing restrictions.)

Can I edit the imported policy?

You can edit the policy to change the assigned asset groups. If the policy is unlocked, you can also change the title, technologies, controls, etc. If the policy is locked, no other changes are allowed. You can, however, save a copy of any locked policy with a new name and edit it as needed.

New policy version

When there's a newer version of a policy available, the new version will be added to the Policy Compliance Library and the old version will be removed from the Library. You'll notice that each policy has a version number. Go to PC > Policies > New > Policy > Import from Library, select the policy version you're interested in and click Next to import it to your account. It's up to you whether you want to delete old policy versions from your account or keep them. 

How do you know when there's a new policy version available? We announce Policy Compliance Library Updates at on a regular basis. Follow Qualys notifications to get these updates.

Not seeing the policy you want?

You can also import a compliance policy from an XML file. Learn more