I am looking for some best practice recommendations for starting Policy Compliance. I am starting with the videos and will move onto the training on the product, however, I am looking for what current users of PC are doing and how they got started.
Here are some questions I have to start:
What are some types of processes you have with the platform teams?
What benchmarks are you using?
Are you customizing the benchmarks any?
Do you have different policies for the same OS?
How are you handing exceptions?
How are you reporting to the platform teams?
Are you empowering the platform teams to do any work in the PC module?
How are you setting up reporting for compliance levels at an InfoSec level?
What are the built-in reports like?
Thanks in advance