About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Conference paper
Continuous compliance: Experiences, challenges, and opportunities
Abstract
IT compliance is an area of increasing attention and capital spend in enterprise IT environments. We present 'Continuous Compliance', a framework that allows a managed IT services provider to automate the overall process of keeping IT assets conformant with enterprise policies, regulatory frameworks, and other best practices. Our framework applies to all cloud layers and service models: Infrastructure-, Platform-, and Software-as-a-Service. We describe our framework design, its operation, and the post-process analytics and reporting. We also examine remediation reports gathered from over 2,000 servers for a seven month period, graph the incidence of repeated remediations, and explore some reasons for gradually subsiding remediations.