Data sheet
HPE IT Operations
Compliance
Be smarter about IT compliance
IT Compliance is a high-stakes issue
No matter what the latest IT trend may be—cloud, Big Data, DevOps, bring your own device
(BYOD)—companies are still under tremendous pressure to meet and demonstrate IT
compliance to regulatory requirements and internal policies. And while IT budgets are shrinking,
the cost of non-compliance continues to increase.
Lawsuits and fines can cost companies millions, or even billions, for a single breach. It not only
causes public embarrassment and loss of business when customers lose trust, and then insert
the potential for criminal prosecution, and the indirect costs may be even higher.
IT compliance and policy management requirements are also increasing—Payment Card
Industry (PCI), Sarbanes-Oxley (Act of 2002) (SOX), Health Insurance Portability and
Accountability Act of 1996 (HIPAA),—and the list of regulatory, commercial, and internal
mandates just keeps growing.
Now consider the myriad device types, operating systems, and applications being used by
employees (many of which are not authorized by IT). Add to all this the fact that in most
organizations IT teams are siloed with different compliance requirements and tools, and
IT compliance management seems nearly impossible.
Data sheet
Page 2
Be smarter about IT compliance management with
HPE IT Operations Compliance
Designed to ensure IT compliance at the business service level, HPE IT Operations Compliance
unifies policy management across IT silos and provides visibility into the overall compliance of
business services.
HPE IT Operations Compliance provides a single, flexible policy management model for use
across all resource types. This unifies the IT compliance management process across silos
and provides a common definition of the desired state for automated audit and remediation.
IT compliance information when you need it
Quickly and easily prove that your IT systems are meeting PCI, HIPAA, SOX, and other
compliance mandates. All you have to do is open a browser to view your current state of
IT compliance across IT silos and share details about remediation timeframes.
Increased productivity
See productivity gains across IT silos by automating compliance scanning and remediation
processes. Maintain ongoing, continuous compliance and cut down the time spent on
IT compliance management activities from weeks and months to hours and days.
Decreased risk
Lower risks with enforceable, ongoing compliance. Sustain automated, ongoing IT compliance
management, and stop project-based compliance checks that only report on a single point in
time to pass an audit—and are likely out of date before the audit is over.
Quick time to value
Achieve quick IT compliance management, and stay up- to -date with the latest regulatory should
be standards by using out-of-the-box policies and industry best practices such as PCI, HIPAA, and
CIS. Create your own policies with predefined rules for many resource types or create your own
rules for scanning and remediating.
Say goodbye to audit anxiety in four steps
Step 1: Identify policies to follow
Use out-of-box policies for regulatory standards and industry best practices (PCI, CIS, etc.) and
define additional policies for internal standards and IT compliance requirements.
Figure 1: Out-of-the-box PCI compliance policy
Data sheet
Page 3
Step 2: Define business services
Import and synchronize business service definitions from your CMDB or service catalog. You
can also define business services manually.
Figure 2: Business service example
Step 3: Subscribe business services to policies
Assign policies to business services, and leverage existing processes for change approvals,
notifications, etc. Define service-level objectives (SLOs), maintenance windows, and exceptions.
Link policies to services in the catalog, so IT compliance begins when the service is created.
Figure 3: Example of policy details for a business service
Data sheet
Step 4: View optimized compliance information
Now your IT compliance process is automated, so you can review your compliance status at
any time. HPE IT Operations Compliance will determine which rules to run for which resource at
what time, scanning and remediating all the different resources in a business service regardless
of resource type.
Figure 4: Example of IT compliance results for a single business service
Accelerating IT compliance
HPE IT Operations Compliance provides visibility into the overall IT compliance management
of business services to the required policies, and a simple setup will have you quickly managing
your challenges around IT compliance. Now, you can unify IT compliance management across
silos with a single, flexible policy management model for use across all resource types.
Get started today
Getting started with HPE IT Operations Compliance is easy. Download the trial today, and find
out if your business services are compliant. hpe.com/software/opscompliance
Learn more at
hpe.com/software/opscompliance
hpe.com/software/compliancecommunity
Sign up for updates
Rate this document
© Copyright 2015–2016 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change
without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty
statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty.
Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.
4AA6-1356ENW, May 2016, Rev. 1