VMware Cloud Community
MrVmware9423
Expert
Expert
Jump to solution

Need help to fill audit file

Dear Team,

can someone please help how to fill this audit file as I need to submit the same to Auditor

regards

Mr Vmware

Reply
0 Kudos
1 Solution

Accepted Solutions
Texiwill
Leadership
Leadership
Jump to solution

Hello,

This thread was moved to the Security & Compliance forum.

Unfortunately, we cannot really help you fill out the CCM. The answers are specific to your environment and require some research on your part (or someone you have hired to assist). In effect, you are using the CCM to perform an audit of your system. You need to know how incidents are handled, how and where AV is implemented, and how you patch all your systems. This is not something an outsider can really answer without a whole lot of information.

If you have a specific question perhaps we can assist, but not much we can do generically other than to interpret the same words you are. There is quite a bit of research required for your virtual/cloud environment to answer any of the CCM questions.

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.

Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill

View solution in original post

Reply
0 Kudos
2 Replies
vThinkBeyondVM
VMware Employee
VMware Employee
Jump to solution

Hi Friend,

What I understood from this file is.

1.You need to fill the sheet with

1}whether your system is compliance with anti-virus policies. ex. XYZ anti-virus should be installed on each VM

2} Same is the case with Patch management: whether all your systems have compliance  with latest patches to reduce security threats? (This can be again policy from your org,)

Same logic for other fields.


----------------------------------------------------------------
Thanks & Regards
Vikas, VCP70, MCTS on AD, SCJP6.0, VCF, vSphere with Tanzu specialist.
https://vThinkBeyondVM.com/about
-----------------------------------------------------------------
Disclaimer: Any views or opinions expressed here are strictly my own. I am solely responsible for all content published here. Content published here is not read, reviewed or approved in advance by VMware and does not necessarily represent or reflect the views or opinions of VMware.

Texiwill
Leadership
Leadership
Jump to solution

Hello,

This thread was moved to the Security & Compliance forum.

Unfortunately, we cannot really help you fill out the CCM. The answers are specific to your environment and require some research on your part (or someone you have hired to assist). In effect, you are using the CCM to perform an audit of your system. You need to know how incidents are handled, how and where AV is implemented, and how you patch all your systems. This is not something an outsider can really answer without a whole lot of information.

If you have a specific question perhaps we can assist, but not much we can do generically other than to interpret the same words you are. There is quite a bit of research required for your virtual/cloud environment to answer any of the CCM questions.

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.

Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
Reply
0 Kudos