Adding Compliance Frameworks - AskJ1 Community
<main> <article class="userContent"> <p>A security compliance framework is a structured set of guidelines that details the processes and procedures your organization implements to be in accordance with established regulations, specifications or legislation. Frameworks can include communication processes, risk controls, and governance practices for maintaining compliance.</p> <p>The first step in compliance management is to select the frameworks with which you want to be compliant. You can select the preset standards provided by J1 or import your own configuration.</p> <p><strong>Note:</strong> You must have the adminCompliance permission to be able to import frameworks.</p> <p>Open J1 Compliance from the top J1 navigation bar. To add a framework:</p> <ol><li><p>Select <strong>Frameworks</strong> from the left navigation panel and click <strong>Add Framework</strong>.<br> <br> <br><img src="https://us.v-cdn.net/6035534/uploads/O3Z0N45HOWX9/compliance-frmwk-overview.png" alt="" class="embedImage-img importedEmbed-img"></img></p></li> <li><p>Choose one of the templates that J1 provides, or click <strong>Import JSON/CSV</strong> and paste your compliance framework file in JSON or CSV format. <br> <br> J1 provides <a rel="nofollow" href="https://github.com/JupiterOne/security-policy-templates/tree/main/templates/standards">community example files</a> for you to use as references.</p></li> </ol><p><strong>Note</strong>: You must have the necessary license and permission to use a framework for your organization. 
<strong>Licensing is not provided by JupiterOne</strong>, except for CIS Controls and Benchmarks.</p> <h3 data-id="json-structure">JSON Structure</h3> <p>If you want to import a JSON file, follow <a rel="nofollow" href="https://github.com/JupiterOne/security-policy-templates/tree/main/templates/standards">this schema</a>.</p> <h3 data-id="csv-import">CSV Import</h3> <p>If you want to import a compliance standard specification from a CSV file, the CSV header row must contain the following column headers:</p> <ul><li><code class="code codeInline" spellcheck="false" tabindex="0">ID</code></li> <li><code class="code codeInline" spellcheck="false" tabindex="0">Requirement</code> or <code class="code codeInline" spellcheck="false" tabindex="0">Control</code></li> <li><code class="code codeInline" spellcheck="false" tabindex="0">Section</code> or <code class="code codeInline" spellcheck="false" tabindex="0">Domain</code></li> </ul><h2 data-id="filter-on-scope">Filter on Scope</h2> <p>Scoping a framework lets you control which assets in your environment the framework is evaluated against, giving you control over the level of detail you see. At its most basic level, setting the scope means filtering a framework so that it evaluates only the things you want it to, saving time and resources. Examples of scope filters include specific integration instances, <code class="code codeInline" spellcheck="false" tabindex="0">_tags</code>, <code class="code codeInline" spellcheck="false" tabindex="0">_class</code>, and other filters.</p> <h4 data-id="before-you-begin">Before You Begin</h4> <ul><li>You must have Administrator privileges to J1 Compliance.</li> <li>Depending on your filter value, you must know the <code class="code codeInline" spellcheck="false" tabindex="0">_tag</code> value, as this is not automatically populated.</li> <li>You can set levels of filters. 
Be aware that the filters are hierarchical, and all other filters are inherent in the values of the first set of filters.</li> </ul><p>Scoping a framework does limit the chain of relationships between entities. A scoped framework only looks at the root entity, not at relationships. For example, if a framework were scoped to <code class="code codeInline" spellcheck="false" tabindex="0">_tag = red</code>, then it only returns values with that tag. The value of scoping a framework is the limitation it places on the filtering value, which lets you point the framework at only specific CPS instances or a group of integrations.</p> <p>To set the scope of a framework:</p> <ol><li><p>In J1 Compliance, select the framework you want to scope.</p></li> <li><p>Click <strong>Set Scope Filters</strong>.</p> <p><img src="https://us.v-cdn.net/6035534/uploads/584ZZRBAMF7N/compliance-scope-filters.png" alt="" class="embedImage-img importedEmbed-img"></img></p></li> <li><p>In the Set scope filters dialog, click the blue + icon.</p> <p><img src="https://us.v-cdn.net/6035534/uploads/IZRDZ6DLVAPY/compliance-add-scope.png" alt="" class="embedImage-img importedEmbed-img"></img></p></li> <li><p>To select permission filters, in the scope filter set dialog, click the Permission tab. 
From the dropdown menu, select a permission filter.</p> <p>You can filter on the following:</p></li> </ol><ul><li><p><code class="code codeInline" spellcheck="false" tabindex="0">_type</code>: Type of asset, such as datastore or persons</p></li> <li><p><code class="code codeInline" spellcheck="false" tabindex="0">_class</code>: Class of asset, such as requirement or image</p></li> <li><p><code class="code codeInline" spellcheck="false" tabindex="0">_integrationClass</code>: Category of integration, such as Data Loss Prevention or App Hosting</p></li> <li><p><code class="code codeInline" spellcheck="false" tabindex="0">_integrationType</code>: Type of integration, such as Jira or GovCloud</p></li> <li><p><code class="code codeInline" spellcheck="false" tabindex="0">integrationInstanceId</code>: Your integration account ID</p></li> <li><p>A custom filter of your own</p></li> </ul><p> <img src="https://us.v-cdn.net/6035534/uploads/LBHH2VFAUHWX/compliance-add-filters.png" alt="" class="embedImage-img importedEmbed-img"></img></p> <p>You can also set scope filters using <code class="code codeInline" spellcheck="false" tabindex="0">_tag</code> values, giving you the ability to filter frameworks to assets with that tag. This feature is useful if you are using critical assets or tags to manage your integrations. Enter the name of the tag you want to use and the values that pertain to the tag you are using.</p> <p> <img src="https://us.v-cdn.net/6035534/uploads/Y6241NQ33LSD/compliance-add-tag-filter.png" alt="" class="embedImage-img importedEmbed-img"></img></p> <p>After you set the filters, they take effect the next time J1 evaluates the framework requirements.</p> </article> </main>
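<p>A pre-import check for the column headers listed under CSV Import, as an added example (not JupiterOne code). The function name, the exact-match comparison of header names, the blank-cell check and the sample CSV content are assumptions made for illustration.</p>

```python
import csv
import io

# Column groups from the page's "CSV Import" section: the header row needs
# at least one name from each group.
REQUIRED_GROUPS = [("ID",), ("Requirement", "Control"), ("Section", "Domain")]

# Constructed sample files (not real framework content).
GOOD_CSV = "ID,Control,Domain\nAC-1,Review access quarterly,Access Control\n"
BAD_CSV = "\ufeffID,Description,Section\nAC-1,Review access,Access\n,Orphan row,Access\n"


def check_framework_csv(text):
    """Return a list of problems in a framework CSV; an empty list means OK.

    Assumption: header names are matched exactly (case-sensitive) after
    trimming whitespace; the page does not say how J1 compares them.
    """
    reader = csv.reader(io.StringIO(text.lstrip("\ufeff")))  # drop UTF-8 BOM
    header = next(reader, None)
    if header is None:
        return ["file is empty"]
    names = [h.strip() for h in header]

    problems = []
    required_cols = []  # index of the column that satisfies each group
    for group in REQUIRED_GROUPS:
        present = [n for n in group if n in names]
        if present:
            required_cols.append(names.index(present[0]))
        else:
            problems.append("missing column: " + " or ".join(group))

    # Added sanity check, not a documented J1 rule: a data row that leaves
    # a required column blank is reported with its physical line number.
    for row in reader:
        if not any(cell.strip() for cell in row):
            continue  # ignore blank lines
        for col in required_cols:
            if col >= len(row) or not row[col].strip():
                problems.append(f"line {reader.line_num}: empty {names[col]}")
    return problems


if __name__ == "__main__":
    for label, sample in (("good", GOOD_CSV), ("bad", BAD_CSV)):
        print(label, check_framework_csv(sample))
```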