SAQ Enables Users to Pick and Choose Questions for Custom Templates
Last updated on: September 6, 2020
Qualys Security Assessment Questionnaire (SAQ) has been enhanced with new features for questionnaire templates, which enable customers to choose questions that they want to include in their campaigns.
The new Question Bank option in the SAQ Template Editor provides users with a repository of out-of-the-box questions. Qualys SAQ is a licensed user of 2018 Shared Assessments Standardized Information Gathering (SIG) Questionnaire. The Question Bank includes all the questions from the 2018 SIG Questionnaire that can be picked and added to custom templates. This simplifies the process of creating or editing custom templates for internal as well as external vendor assessments.
Additionally, the existing Library option has been enhanced to allow users to browse thru all the existing templates and choose only the required questions to be added to the custom templates. For example, SAQ provides 30+ out-of-the-box templates for NIST 800:53. Now, users can browse across all the 30+ templates and create their own custom template with only those questions that are required for their assessments.
Question Bank for the Ease of Campaign Creation
The Question Bank option includes an out-of-the-box list of questions that users can pick and choose to create their own questionnaires. Users can browse thru all the SIG sections, select the relevant questions and add them to their custom template.
The Question Bank displays the SIG sections and the corresponding questions that can be picked either at a parent level or at a child level. Each chosen question is then added to the template that the user creates.
Library to Select Questions Across Multiple Templates
The enhanced Library option allows users to browse thru all the available templates and select the most relevant questions for their custom template. The library of out-of-the-box questions contains questions that are categorized based on the widely used compliance standards such as GDPR, PCI-DSS, HIPAA and so on.
Users can select a compliance category and then choose questions from multiple templates within the selected category and add them to the custom template.
Once the custom template is created with the chosen questions, users can use the template to carry out their campaigns and evaluate the compliance posture of their organization or their vendors.