Compliance Checks Settings allows you to manage the security compliance checks available in MSPortal.ai. Configure which checks are active, customize check parameters, and align with your clients’ compliance requirements.
Accessing Compliance Checks Settings
- Click Settings in the sidebar
- Select the Compliance Checks icon from the settings navigation
Compliance Checks Overview
The Compliance Checks page displays all available security checks.
Each compliance check shows:
| Field | Description |
|---|
| Name | Check name and description |
| Framework | Associated compliance framework (CIS, NIST, etc.) |
| Category | Check category (Identity, Data, Device, etc.) |
| Severity | Impact level (Critical, High, Medium, Low) |
| Status | Active or disabled |
Filtering Checks
Use filters to find specific checks:
- Framework - Filter by compliance standard
- Category - Filter by check type
- Severity - Filter by impact level
- Status - Show only active or disabled checks
- Search - Find checks by name or keyword
Compliance Frameworks
MSPortal supports multiple compliance frameworks:
| Framework | Description |
|---|
| CIS Controls | Center for Internet Security benchmarks |
| NIST CSF | Cybersecurity Framework |
| CMMC | Cybersecurity Maturity Model Certification |
| SOC 2 | Service Organization Control |
| ISO 27001 | Information Security Management |
| HIPAA | Healthcare data protection |
| PCI DSS | Payment card security |
Managing Checks
Enabling/Disabling Checks
Find the Check
Use search or filters to locate the check
Toggle Status
Click the toggle to enable or disable
Save Changes
Changes are saved automatically
Bulk Actions
For managing multiple checks:
- Use filters to show relevant checks
- Select multiple checks using checkboxes
- Choose bulk action (Enable All, Disable All)
- Confirm the action
Disabling compliance checks will affect compliance scores for all companies. Review impact before making bulk changes.
Check Categories
Checks are organized by security domain:
| Category | Examples |
|---|
| Identity | MFA, password policies, privileged access |
| Data | Encryption, DLP, backup policies |
| Device | Endpoint protection, patch management |
| Network | Firewall rules, segmentation |
| Application | App permissions, secure configuration |
| Governance | Policies, training, incident response |
Custom Checks
You can create custom compliance checks:
- Click Add Custom Check
- Define the check name and description
- Assign to appropriate framework and category
- Set severity level
- Configure check criteria
- Save and activate
Best Practices
- Align with client needs - Enable frameworks your clients require
- Start conservative - Enable core checks first, expand gradually
- Review regularly - Update checks as frameworks evolve
- Document exceptions - Track why specific checks are disabled
