RSA Readying Sarbanes-Oxley, HIPAA Compliance Package

RSA Security announced Wednesday that it will ship in June a tool to help IT organizations that are already using the company’s event-logging software to comply with new rules required by the Sarbanes-Oxley Act, HIPAA and other regulations.

RSA Reporting & Compliance Manager provides centralized reporting capabilities aimed at helping customers of RSA ClearTrust more easily comply with the security requirements associated with regulations emanating from recently enacted laws. Reporting and Compliance Manager leverages ClearTrust’s logging capabilities to provide auditing and reporting functions that let organizations report on both past and present access policies, and on user behavior, according to a company statement.

The new package features both pre-built and customizable reports. “RSA Reporting & Compliance Manager interprets log events generated by RSA ClearTrust software and provides consolidated, easy to customize, and exportable reports that can help administrators easily answer complex 'who, when, how, and why' audit questions about user access and authorization” the statement says.

The pre-built reports include ones for policy reports that show who has access to information and applications, policy change reports that demonstrate how an access policy changed over time, including the administrators who made the changes, activity reports that identify who accessed what and when, and intrusion reports documenting unsuccessful access attempts.

Reporting and Compliance Manager consists of four main components. The event collector gathers runtime event logs and administrative event logs from other RSA products, including ClearTrust. A report scheduler generates reports at scheduled intervals, while a reporting console provides charting and reporting functions, with drill-down, filtering and reporting customization capabilities. Finally, a compliance database contains report templates, and data generated from running templates, as well as captured log events from other RSA products.

RSA Reporting & Compliance Manager supports Windows, Solaris and Linux platforms, as well as Oracle and Microsoft SQL Server databases (the same versions that RSA ClearTrust supports). Additionally, ClearTrust 5.5.x is required.

About the Author

Stuart J. Johnston has covered technology, especially Microsoft, since February 1988 for InfoWorld, Computerworld, Information Week, and PC World, as well as for Enterprise Developer, XML & Web Services, and .NET magazines.


  • Blue Squares Graphic

    Microsoft Previews Azure IoT Edge for Linux on Windows

    Microsoft announced a preview of Azure IoT Edge for Linux on Windows, which lets organizations tap Linux virtual machine processes that also work with Windows- and Azure-based processes and services.

  • How To Automate Tasks in Azure SQL Database

    Knowing how to automate tasks in the cloud will make you a more productive DBA. Here are the key concepts to understand about cloud scripting and a rundown of the best tools for automating code in Azure.

  • Microsoft Open License To End Next Year for Government and Education Groups

    Microsoft's "Open License program" will end on Jan. 1, 2022, and not just for commercial customers, but also for government, education and nonprofit organizations.

  • Dealing with a Hyper-V VM That's Stuck on Screen

    A three-keystroke solution to a problem that has no discernible cause.

comments powered by Disqus