Setup Compliance Settings

Compliance Settings let you complete compliance activities using each framework’s native language. With Compliance Rollup, you can report across multiple frameworks while preserving their unique taxonomies.

Select a Compliance Setting for a Security Plan

The selected Compliance Setting determines:

  • Available values for Implementation Status and Control Origin in Control Implementations and Parts
  • The default Security Profiles and Wayfinder automatically applied to the Security Plan

To select a Compliance Setting:

  1. Select Modules from the top navigation menu.
  2. Select Security Plans.
  3. Select Create New.
  4. In the modal, select a Compliance Setting.
  5. Complete the remaining fields and save.

Note
You can't change the Compliance Setting in the UI after the Security Plan is created.

After saving, the default Security Profile and Wayfinder are automatically applied.

Note
All exports work with the RegScale Default Compliance Setting.
FedRAMP Rev5 exports work with either the RegScale Default or FedRAMP Compliance Setting.


View Compliance Settings

  1. Select your profile icon in the top-right corner.
  2. Select Setup.
  3. In the left pane, select Compliance Settings.
  4. Select a Compliance Setting to view details.

Set a Default Security Profile and Wayfinder

  1. Go to Compliance Settings.
  2. Select a Compliance Setting.
  3. From the Wayfinder dropdown, select a Wayfinder Template.
  4. Select one or more Security Profiles.
  5. Select Save.

These defaults apply automatically to new Security Plans using this Compliance Setting.


Edit Compliance Rollups

Compliance Rollups let you report across frameworks without changing the terminology of each.

To edit a Compliance Rollup:

  1. Select your profile icon.
  2. Select Setup.
  3. In the left pane, select Compliance Settings.
  4. Select a Compliance Rollup to edit.

You can modify the following fields:

  • Rollup Value: Changes the name shown in reports and scorecards.
  • Rollup Color: Changes the associated color for control implementation status.
  • Implementation Statuses: Controls how status values appear in reporting across the system.

Note
Additional colors and icons are available in Performance Themes under the Theming section of Setup.


Migrate a Security Plan to a Different Compliance Setting

Use the API to migrate a Security Plan:

  1. Go to APIs from the profile dropdown.
  2. Open PUT /api/compliance/migrate in Swagger.
  3. Enter the following:
    • Security Plan ID(s)
    • New Compliance Setting ID
  4. In the request body, provide:
    • fromValue: The current list value in the existing Compliance Setting
    • toValue: The corresponding list value in the new Compliance Setting

Note
Unmapped values are set to the default value for the new Compliance Setting.
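
A pre-flight check for the migration described above, as an added example that is not RegScale code: it builds fromValue/toValue pairs and lists the values that would fall back to the new Compliance Setting's default. The body shape (a list of pair objects), the function name plan_migration, and all status values are assumptions constructed for illustration; check the Swagger schema for the actual request format.

```python
import json

# Constructed sample data (assumptions, not values taken from RegScale).
IN_USE = ["Fully Implemented", "Partially Implemented", "Not Implemented", "Inherited"]
MAPPING = {
    "Fully Implemented": "Implemented",
    "Partially Implemented": "Partially Implemented",
    "Not Implemented": "Planned",
}
TARGET_VALUES = {"Implemented", "Partially Implemented", "Planned", "Not Applicable"}
TARGET_DEFAULT = "Planned"


def plan_migration(in_use, mapping, target_values, target_default):
    """Build fromValue/toValue pairs and predict the result of a migration.

    in_use         -- list values currently present on the Security Plan
    mapping        -- dict: current value -> value in the new Compliance Setting
    target_values  -- values that exist in the new Compliance Setting
    target_default -- default value of the new Compliance Setting
    """
    # A toValue that does not exist in the new setting is a mapping mistake.
    invalid = {s: d for s, d in mapping.items() if d not in target_values}
    if invalid:
        raise ValueError(f"toValue not in the new Compliance Setting: {invalid}")

    # Assumed body shape: one object per pair, using the page's field names.
    body = [{"fromValue": s, "toValue": d} for s, d in sorted(mapping.items())]

    # Per the note above, anything left unmapped is set to the default.
    defaulted = sorted(set(in_use) - set(mapping))
    outcome = {v: mapping.get(v, target_default) for v in in_use}

    # Pairs whose fromValue never occurs on the plan are usually typos.
    unused = sorted(set(mapping) - set(in_use))
    return {"body": body, "defaulted": defaulted, "outcome": outcome, "unused": unused}


if __name__ == "__main__":
    plan = plan_migration(IN_USE, MAPPING, TARGET_VALUES, TARGET_DEFAULT)
    print(json.dumps(plan["body"], indent=2))
    for value in plan["defaulted"]:
        print(f"UNMAPPED: {value!r} will become {plan['outcome'][value]!r}")
```

In this sample, "Inherited" has no pair, so the check reports that it would be rewritten to the default before any request is sent.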