Wipro in collaboration with Symantec offers CaaS which uses Control Compliance Suite (CCS), the industry leading technology to manage Compliance and Security Configuration Assessments.

1. Wipro’s Complianceas aService[CaaS]
Page| 1
Introduction:
Compliance describes the goal that organizations aspire to achieve in their efforts to ensure that they are aware
of and take steps to comply with relevant laws and regulations. Corporate scandals and breakdowns are
reputational risk and have highlighted the need for stronger compliance and regulations across the globe.
Increasing complexity and prevalence of compliance to regulations are becoming a costly and time consuming
challenge to manage.
Problem Definition:
In a rapidly changing business and IT environment, the key challenge for any organization is to obtain better
visibility into assets on the network, understand regulatory requirements, identify the critical components of IT
and define security requirements based on business needs. Each asset should be governed by a clear policy,
which is often a combination of industry benchmarks and best practices.
Solution Details:
Wipro in collaboration with Symantec offers CaaS which uses Control Compliance Suite (CCS), theindustry
leading technology to manageCompliance and Security Configuration Assessments.
Solution snapshot:
 Conduct fine-grain network and asset discovery
across virtual and physical data centers.
 Discover rogue networks and assets.
 Harden security configuration settings across
the physical and virtual infrastructure.
 Automate the assessment of technical controls
and security configuration standards across the
assets.
 Identify configuration drifts and misconfigured
assets.
 Identify servers and databases missing critical
patch updates and having known default
configuration settings.
 Deliver role-based and operational mandate-
based reporting on security configuration
across multiple security standards and
regulatory requirements.
 Assess once and map results to multiple
regulatory compliance requirements.
 Govern Compliance Management process by
tracking the remediation plans.

2. Wipro’s Complianceas aService[CaaS]
Page| 2
Solution framework:
Building blocks
of the
framework
Sample tasks in each block
Assess • Define scope of compliance program
• Common Control frameworkto address multiple regulatoryrequirements
Coverage • Supports Oracle, SQL Server, MySQL and DB2databases
• Supports Windows, Red hat Linux, AIX, SuSE, Sun, Novell, HP, Microsoft Exchangeand
VMWare
• Support for ISO 27001-2013, NIST Cybersecurity Framework, PCI DSS v 3.0, OVAL, SCAP
1.2
Customize • Custom Standards and checks
• Customizable multi-level Reports for security operations
Discovery • Auto discover utility to find rogue networks and assets
Schedule • Automateassessment of security configurations & procedural controls
• AutomatePolicy definition and lifecycle administration
• Job Monitoring & Automated Alerts
Workflow • Completely workflow driven
• Various user roles like user, application owner, DBA, Security officer aredefined and
integratedin the workflow model
Security • Approval process
• Segregationof Duties
• Access Governance
• Authentication throughEnterprise AD / PKI
• Granularrole authorization
Report • Mandatebased reporting
• Web-based dynamic dashboards and reports
Monitor • Continuous monitoring
• Need based alerts
Assess Coverage Customize Discovery Schedule Workflow Security Report Monitor

3. Wipro’s Complianceas aService[CaaS]
Page| 3
Business benefits:
Wipro’s CaaS offering provides a unique approach to address the Compliance requirement of an organization:
Architecture
that scalable
to the needs
of the
customer’s
enterprise
Robust
security model
reflecting
customer’s
security
assurance
needs
Service offerings
to augment all
elements of
customer’s
operating model
Experienced People,
Maturedprocesses &
industry leading
technologies ready to
deploy
• Flexible Deployment with dedicated performance, yet offering an Opex-based Cost Model.
• Automated asset discovery and profiling ensuring comprehensive vulnerability identification.
• Real-time intelligence of risk-based compliance posture.
• Fast, out-of-the box reporting for compliance mandates like PCI-DSS, FISMA, HIPAA-HITECH etc.,
• Lower remediation and tracking efforts with ready-to-use remediation plans.
• Comprehensive and flexible Role-based reporting.
Key Differentiators:
CaaS is delivered from Wipro’s ServiceNXTTM
Security Intelligence Center (SIC), a fully managed service with
experienced personnel, matured processes and cutting edge technology.
A 24x7x365 Remote Service Delivery from global Security Intelligence Center.
Customized SOPs & reporting formats as per the need of the Customer.
Access governance enabled environment.
Continuous two-way Communication with Customer stakeholders.
SLA-based service delivery model with defined KPIs and metrics.
Security Intelligence Portals for single-window view of Compliance and Service Management.
Reduced costs- Capacity-based monthly recurring charges with minimal capital investments.