Creating and managing audits McAfee Policy Auditor allows you to create audits based on benchmarks and assign them to run on systems. McAfee Policy Auditor evaluates systems against independent standards that are developed by government agencies and private industry. It can also evaluate systems against standards you create (using Benchmarks that you create). You can create audits from a McAfee-supplied selection of predefined benchmarks established by government and industry such as SOX, HIPAA, PCI, and FISMA. You can also create audits based on third-party benchmarks or benchmarks that you create yourself. Audits return results that include a score allowing you to determine how well a system complies with the rules in the benchmark. Audits and how they work The software uses audits to determine the compliance status of a system, and returns results indicating areas that are out of compliance. Activate benchmarksYou must activate a benchmark in McAfee Benchmark Editor before you can include it in an audit. Tailor a benchmark Tailoring a benchmark changes the rules or rule settings used by the benchmark. Create an auditAudits determine whether systems comply with your security needs, and the results tell you what, if anything, needs to be done to make the systems compliant. Run an audit manuallyYou can manually run an audit when you must view results before the next scheduled audit. Disable an auditWhen an audit is disabled, McAfee Policy Auditor continues to purge information according to the schedule you have set. The audit doesn't run until you re-enable it. Delete auditsYou can delete an audit and all associated results and findings when you no longer need them. Audit whiteout and blackout periodsAudit whiteout periods are time intervals when an audit can run on a system or group of systems. Audit blackout periods are time intervals when an audit can't run. Service Level AgreementsService Level Agreements (SLA) are relationships that you create between system tags and patch severity levels. You then specify a number of days that you have to apply patches to systems that fit the relationship. How viewing audit results works McAfee Policy Auditor offers a number of options for viewing audit results. Exporting audits and audit resultsAudits and audit results can be exported in four formats: Asset Reporting Format (ARF), CyberScope, OVAL, and XCCDF. In each case, the information is saved as a .zip file. You can export an audit and transfer it to another McAfee ePO server, or transfer to a third-party application. Export auditsExport an audit to a file that conforms to the XCCDF or OVAL results schema.