Security and Compliance Automation concepts

The PowerSC Security and Compliance Automation feature is an automated method to configure and audit systems in accordance with the U.S. Department of Defense (DoD) Security Technical Implementation Guide (STIG), the Payment Card Industry (PCI) data security standard (DSS), the Sarbanes-Oxley act, COBIT compliance (SOX/COBIT), the Health Insurance Portability and Accountability Act (HIPAA), Center for Internet Security (CIS) benchmarks compliance for AIX®, and IBM® i best practices.

PowerSC helps to automate the configuration and monitoring of systems that must be compliant with the Payment Card Industry (PCI) data security standard (DSS) version 3.2. Therefore, the PowerSC Security and Compliance Automation feature is an accurate and complete method of security configuration automation that is used to meet the IT compliance requirements of the DoD UNIX STIG, the PCI DSS, the Sarbanes-Oxley act, COBIT compliance (SOX/COBIT), and the Health Insurance Portability and Accountability Act (HIPAA).

Note: The PowerSC Security and Compliance Automation feature updates the existing XML profiles that are used by IBM Compliance Expert express (ICEE) edition. You can use the PowerSC XML profiles with the pscxpert command, similar to ICEE.

The preconfigured compliance profiles delivered with PowerSC reduce the administrative workload of interpreting compliance documentation and implementing the standards as specific system configuration parameters. This technology reduces the cost of compliance configuration and auditing by automating the processes. IBM PowerSC is designed to help effectively manage the system requirement associated with external standard compliance that can potentially reduce costs and improve compliance.