NetIQ GRC Manager 1.0 Configuration Guide

January 2015

This document describes how to integrate Secure Configuration Manager with UCF for Governance, Risk Management, and Compliance with the help of NetIQ GRC Manager.

NetIQ GRC Manager integrates NetIQ Secure Configuration Manager (SCM) and Unified Compliance Framework (UCF) to provide audit and configuration assessment. This assessment of the endpoints is utilized by the Governance, Risk, and Compliance (GRC) vendors.

GRC vendors depend on compliance configuration scanning applications such as SCM to receive configuration information and assessment details on various supported endpoints. GRC and SCM are integrated by using a common repository of information that UCF maintains. This repository of information enables the required standard of communication between GRC vendors and the SCM database. GRC Manager initializes the SCM database with UCF feeds for processing GRC requests.

1.0 Understanding GRC Manager

GRC Manager uses the UCFi standard to support extended security. It provides mapping information to the SCM database, which makes the database usable for processing GRC requests. GRC Manager requires the following components:

  • UCF

  • Secure Configuration Manager

  • UCFi standard

  • GRC

1.1 Understanding UCF

The Unified Compliance Framework is the only industry-vetted compliance database that reduces the regulatory maze to a smaller set of harmonized controls. UCF provides a single point of management over hundreds of complex IT compliance requirements from around the world.

For more information, see www.unifiedcompliance.com.

1.2 Understanding Secure Configuration Manager

SCM deploys agents to collect information, stores information in a central database, and displays reports in the SCM console. SCM Core Services manages communication among the components such as Agent, database, Console, and Core.

For more information, see the NetIQ Secure Configuration Manager product page.

1.3 Understanding UCFi standard

The UCFi standard is an evolving protocol introduced by UCF so that disparate software or organizations can integrate with each other to provide UCF-based audit and configuration assessment.

1.4 Understanding Governance, Risk Management, and Compliance

Governance, risk management, and compliance (GRC) is an umbrella term that includes an organization's approach to apply rules and regulations for corporate governance, enterprise risk management (ERM) and corporate compliance.

2.0 Prerequisites

The following are the prerequisites to install and use GRC Manager:

  1. Secure Configuration Manager 6.0 or later should be installed on the local or a remote computer.

  2. You must have a supported version of the UCF feeds. The supported UCF feed is 1407393021-192.31.114.252-14Q2_Final_XML.

3.0 Working with GRC Manager

You can use GRC Manager for the following operations:

  • Import UCF feeds to the SCM database.

  • Initialize the SCM database to process the GRC requests.

To import UCF feeds or to initialize the SCM with UCF mapping information:

NOTE: You must first update the database information and the UCF Feeds location to run GRC Manager.

  1. In GRC Manager, click Configurations > Settings Management.

  2. In the Database Configuration page, provide the appropriate credentials for this application to authenticate to the SCM database. Two types of authentication are available. Select one of them, based on the way Microsoft SQL Server is configured for SCM on your computer.

    1. (Conditional) If you are using Windows authentication, select Use Windows authentication.

    2. (Conditional) If you are using SQL Authentication, specify the user name and password.

  3. Click the UCF Configuration tab.

  4. In the UCF Configuration page, specify the location of the UCF feed and select the UCF mapping platform.

    NOTE:

    • The UCF feed is the quarterly feed received from the UCF database. The currently supported feed is 1407393021-192.31.114.252-14Q2_Final_XML. You must have a valid membership with UCF to get this feed.

    • The UCF mapping platform is the platform you select for the mapping between content from UCF and SCM. This mapping is necessary to support content for GRC integration.

    Click Apply.

  5. On the main screen, select the Parse and Import operation and then click Start.

    When you click Start, all content from the UCF feeds is parsed, processed, and imported into the SCM database. This process might take 5-10 minutes.

  6. Initialize the SCM database to save the mapping information in the database; select the Initialize SCM with UCF operation and then click Start.

4.0 Uninstalling or Repairing GRC Manager

To uninstall or repair GRC Manager:

  1. In GRC Manager, click Configurations > Remove UCF Configurations.

    This removes all the UCF-related database information from the SCM database. If you want to repair GRC Manager, first import the UCF feeds and initialize the SCM database by performing the procedure specified in Working with GRC Manager.

    If you want to uninstall GRC Manager completely, perform step 2.

  2. Go to Control Panel > Programs > Programs and Features and uninstall GRC Manager.

5.0 Known Issues

The following is the known issue for this release:

5.1 vendor_config_setting Value Incorrect in Audit and Config Request Response

Issue: In GRC_UCF_Audit_Request_Response or GRC_UCF_Config_Request_Response, the value of the vendor_configuration_setting variable is returned incorrectly for SCM Check instances of the “Count” type. This happens only when the SCM Check instance result is “Compliant” against the vendor asset instance.

Workaround: For SCM Check instances of the “Count” type, read the UCF_CS_ID values in GRC_UCF_Audit_Request_Response or GRC_UCF_Config_Request_Response as evidence.