Annual Compliance Report?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Annual Compliance Report?

L1 Bithead

Part of the reason that we purchased Prisma Cloud was to ease our compliance efforts, but it would seem that the compliance reports provided have a fixed start date matching the date we signed up and I can only select the end date. So, if I select today we get a report for the past 3+ years, but I really only need it for a 12 month period.

 

How can I create a compliance report with a user-defined start and end date, giving me only 12 months of data, not 3+ years?

1 accepted solution

Accepted Solutions

Prisma Cloud compliance reports are the compliance of one or more cloud accounts on a particular day - such as a customer's fiscal quarter-end or year-end.   Compliance is the report of your cloud objects on that date, how many have no compliance issues, and how many have compliance issues.  If a resource has no compliance issues (no open alerts) on the date specified, it means that the resource is compliant.  If a resource has any open alerts on the date specified (compliance issues) that resource is not compliant.  Compliance is about managing risk.  It does not matter whether the alert has been open for 1 hour, or since the day your cloud account was onboarded, the resource is still not compliant. 

It seems you have a different requirement for a compliance report that does not match Prisma Cloud's definition. 

Does this help to explain what is happening?  

Paul Burega, CSPM Customer Success Engineer Team Lead

Did you receive a reply that helped solve your question? Share it with others - click the "Accept as Solution" button!

View solution in original post

5 REPLIES 5

L0 Member

Create a new report and select the dates you'd like. 

1-  Select Compliance >  Overview  and select a standard from the standards list below the dashboard

2 - On the compliance standard page, use the filters above to narrow your data set by date and cloud account type. Click Create Report.

3 - Enter the following information and click Save:
     -Enter a descriptive Name for the report.
     -Enter the Email address to which you would like to send the scheduled report. Select the Custom Email Template checkbox if you wish to use a pre-selected notification template.
     -Select report frequency, One Time or Recurring.
     -If you select Recurring specify how often and when you want the report to run.

4 - On the "Compliance > Reports"  tab, you can use the provided filters to narrow the list of compliance reports displayed, or search for a specific report. You can also change the list view of the compliance reports and download the table view as a PDF.

 

Hope this helps, thanks!

BB

Hi BB,

Thanks for the reply and information, but the trouble is that when I select the date option I can only select one date, which is the end date.  The start date seems to be hard-coded to the date we joined Prisma Cloud in 2019.  So, by selecting a date, say July 31, 2023 on the Date filter the report generated shows the data from June 2019 to July 31, 2023.

 

What I'm trying to do is get a report with the date range of August 1, 2022 to July 31, 2023.  It's the start date that I can't seem to be able to set in any way.

 

Do you know of any tricks?

 

Thanks!

Prisma Cloud compliance reports are the compliance of one or more cloud accounts on a particular day - such as a customer's fiscal quarter-end or year-end.   Compliance is the report of your cloud objects on that date, how many have no compliance issues, and how many have compliance issues.  If a resource has no compliance issues (no open alerts) on the date specified, it means that the resource is compliant.  If a resource has any open alerts on the date specified (compliance issues) that resource is not compliant.  Compliance is about managing risk.  It does not matter whether the alert has been open for 1 hour, or since the day your cloud account was onboarded, the resource is still not compliant. 

It seems you have a different requirement for a compliance report that does not match Prisma Cloud's definition. 

Does this help to explain what is happening?  

Paul Burega, CSPM Customer Success Engineer Team Lead

Did you receive a reply that helped solve your question? Share it with others - click the "Accept as Solution" button!

Thanks, PBurega.

Yes, that does explain it.  Unfortunately, that also means that 90% of the reason we purchased Prisma was to make our compliance reporting easier and it has yet to do that because the auditors require annual reports.  So while our definition and Prisma's definition may match, the auditors don't care and they're the ones that really matter.

 

We have to show what alerts have happened over the past year, show that we addressed them, and it has to be for the defined range of time.  When the report only includes a single date or the date since the beginning of our subscription of Prisma it fails. The auditor has informed us that we would need to pull the report for each of the 365 days (366 if it's a Leap Year) to show compliance, which we're not going to do for obvious reasons.

 

I guess it is what it is.

If you want to look at the alerts for the past year, consider using the Alerts page. There you can specify a 12 month window, time range type of "Alert Opened" during the year,  with alert status of all.  You will then get the total number of alerts (you may need to select "Load More" several times), and you can sort by "Alert Status" to see all the resolved/dismissed/open alerts. 

You can also group by "Compliance Standard" and look at the alerts for a particular compliance standard.  As well as select other filters.  This should help you in your need to satisfy your auditor requirements. 

Paul Burega, CSPM Customer Success Engineer Team Lead

Did you receive a reply that helped solve your question? Share it with others - click the "Accept as Solution" button!
  • 1 accepted solution
  • 2828 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!