System Values Scorecard

A System Values Scorecard rates how your system values compare to Powertech’s recommended compliance policy. A System Values Scorecard lists all security-related system values that apply to the configuration of the security audit journal (QUADJRN).

A system value is either configured properly or it is not. Some system values are numeric, some are text values, while others are lists, so there are different types of checks possible.

The System Values Scorecard lists each security-related system value and rates it based on the point and severity settings in your security policy.

There are two types of System Values Scorecards: System Values and System Values (*POLICY). The System Values (*POLICY) scorecard uses the policy in effect on the Endpoint system, instead of the default security policy.

NOTE: For more information on a system value, click a highlighted system value link in the PDF report to display the Powertech Compliance Guide in a separate window.

A System Values Scorecard displays the following information:

Logo: The report uses the logo that you defined in the header information for Compliance Monitor. You can change this to your own custom logo by displaying the Header/Footer tab of the User Preferences window.
System: The name of the system.
Requested: The date and time the Assessment ran on the Endpoint system.
Description: The description assigned to the Assessment.
Date and Time Stamp: The date and time that the report was generated displays in the upper right corner of the report.
Compliance Rating: The Compliance Rating indicates the overall well being of the system. The percentage value shows how well the system complies with the defined security policy. A rating of 100% is perfect and indicates that the system is in complete compliance with the defined policy. The % rating normalizes the number and allows you to compare different systems.
System Value: The name of the system value.
IBM Category: The assigned IBM Category of the system value, based on the system value categories used by IBM.
Value: The actual value of the system value on the audited system.
Policy Required [Allowed]: Policy "Required" values and policy "Allowed" values are listed in this column. Allowed values (values you've specified as allowable values) display in brackets.
Penalty: The point value assigned for each system value in the security policy.

The system values on the Scorecard are marked with either a green checkmark, indicating it is acceptable within security recommended values, or a red X, indicating it is not acceptable and vulnerable to security issues.

Each system value is compared against a policy. The policy consists of two values, Required and Allowed. In the Policy Required [Allowed] column of the System Values Scorecard, the allowed values display in brackets, [ ]. Numerical ranges are shown in parenthesis, for example, (1..6) indicates a range of values from 1 to 6.

If the value is Required, the system value must include this value. If the value is Allowed, the system value can include the value, but doesn't have to.

NOTE: If a system value does not exist at the operating system level of the audited system, it does not appear in the Scorecard.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
4.4 | 202410080134 | October 2024