IT Brief UK - Technology news for CIOs & IT decision-makers

Qualys launches Policy Audit to slash compliance audit costs

Today

Qualys has announced an enhancement to its policy compliance solution with the launch of Policy Audit, aiming to streamline audit efficiency, reduce compliance costs and lower regulatory risks for organisations.

The increase in regulatory requirements has presented significant challenges for enterprises; according to the Compliance Digital Transformation Report by Coalfire, nearly 70% of service organisations are subject to six or more regulatory frameworks. These requirements stretch operational resources and often result in higher costs.

This complexity is compounded by system misconfigurations, which can lead to instances of non-compliance and potential regulatory penalties.

Policy Audit introduces several automated features designed to address these challenges by reducing the reliance on manual processes. Sandeep Khanna, Chief Information Security Officer at the Unique Identification Authority of India (UIDAI), commented on the integration of Policy Audit, stating: "Integrating Qualys Policy Audit into our workflows has transformed how we manage compliance. The seamless collaboration between teams, combined with real-time visibility across multiple mandates, has streamlined our operations and enabled proactive risk management. It's a game-changer for audit readiness."

The Policy Audit solution works by automatically mapping collected evidence to major compliance frameworks such as PCI DSS 4.0, DORA, NIST, CMMC, and FedRAMP. It provides coverage across 450 technology types, includes over 1,000 out-of-the-box policies, and supports compliance with more than 90 frameworks.

This is intended to foster continuous compliance and audit readiness while helping to mitigate the risk of audit failures.

Among its features, the continuous audit readiness capability automates evidence collection and reduces the risk of human error, offering organisations a way to monitor audit gaps via real-time compliance posture dashboards. According to Qualys, the use of automated policy compliance can reduce audit failure rates by as much as 95%, allowing organisations to proactively address risks that could result in fines or penalties.

Policy Audit also incorporates Qualys TruRisk, which maps compliance and data privacy risks automatically while identifying and prioritising critical misconfigurations according to business impact and asset and threat exposure. This functionality is intended to help organisations focus resources on the most significant vulnerabilities, and to understand the effect of these vulnerabilities across various regulatory mandates.

With regard to operational workflow, Policy Audit includes automated IT Service Management (ITSM) workflows to connect silos between teams, ensuring necessary information moves efficiently to the relevant parties. Its integration with Governance, Risk, and Compliance (GRC) tools aims to improve visibility and streamline both compliance tracking and risk management.

Policy Audit features automated remediation workflows to accelerate the response to compliance gaps and reduce the window of exposure to breaches.

On the reporting side, the solution enables organisations to generate multiple customisable reports from a single data collection process, utilising more than 90 pre-mapped mandates. These reports can be adapted for audiences such as executives and stakeholders, facilitating audits on demand and reportedly cutting audit costs by up to 50%.

Sumedh Thakar, President and Chief Executive Officer of Qualys, commented: "Organisations are facing a growing number of mandates, and audit readiness is more critical than ever. Yet many struggle with complex regulations, limited staff, tight budgets, and manual processes—making compliance costly and error-prone."

"Policy Audit transforms audits from a source of stress into a streamlined, automated process that empowers teams to do more while keeping the organisation continuously audit ready."

In conjunction with Policy Audit, Qualys has introduced Audit Fix, an optional feature designed to help limit breach exposure. Audit Fix allows users to remediate audit findings before they escalate into compliance issues using a library of pre-defined scripts and policies, which can be integrated into continuous integration and deployment (CI/CD) pipelines.

Customisable remediation workflows further contribute to continuous compliance and risk reduction.

Qualys Policy Audit is expected to be available in the second quarter of the year.
