Good news for those of you that have to create GRC baselines! You don’t have to build specific GRC baselines such as for the Health Insurance Portability and Accountability Act (HIPAA), as the Solution Accelerators team is now building baselines that simultaneously support HIPAA as well as over 500 other GRC authority documents worldwide. This means you don’t have to figure out the nuances of individual regulations to create one-off baselines. You can simply use one product baseline that maps back to them all through our GRC management solution within System Center, which manages the control objectives, activities, drift, and results to support audits.
The baselines team is addressing this exact issue by changing how we group settings within a product security baseline.
If you have any questions regarding GRC baselines or would like to participate in feedback loops regarding the creation of GRC baselines content and the IT GRC solution for System Center, please contact firstname.lastname@example.org.