Home
Payment Card Industry (PCI) Add-on User Guide
BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
Understanding the results in BigFix Compliance Analytics
Use BigFix Compliance Analytics (formerly known as Security and Compliance Analytics or SCA) to navigate and explore security configuration check results.
Viewing PCI DSS compliance results
This section shows how you can view the results of PCI DSS compliance at a checklist, checks, and check results levels.
Viewing reports on BigFix Compliance Analytics V2.0 and later
Viewing the Checks List report
The Checks List report shows the list of checks available in a policy checklist.

Payment Card Industry (PCI) Add-on User Guide
BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
- Overview
  HCL BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based on the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
- Setup
  Complete configuration steps to access the PCI DSS checklists and checks and ensure accurate relevance evaluation on the endpoints.
- Using checks and checklists
  The check Fixlets in Configuration Management checklists assess an endpoint against a configuration standard. Many check Fixlets have a corresponding analysis, sometimes referred to as measured values, that report the value of the element that the check Fixlet evaluates.
- Understanding the results in BigFix Compliance Analytics
  Use BigFix Compliance Analytics (formerly known as Security and Compliance Analytics or SCA) to navigate and explore security configuration check results.
  - Starting BigFix Compliance Analytics
    Use any of the supported web browsers to open the web-based application.
  - Importing data to BigFix Compliance Analytics
    Depending on your configuration, the Extract Transform and Load (ETL) process that computes the compliance status of each check and checklist could take a long time. To ensure that you are viewing the latest reports, verify that the imports are configured to run automatically and that a recent import has completed successfully.
  - Viewing reports from BigFix Compliance Analytics
    BigFix Compliance Analytics displays reports that contain the compliance status of your deployment. Each PCI DSS checklist and its checks are exported periodically into Compliance Analytics.
  - Viewing PCI DSS compliance results
    This section shows how you can view the results of PCI DSS compliance at a checklist, checks, and check results levels.
    - Viewing reports on BigFix Compliance Analytics V2.0 and later
      - Viewing the Overview report
        Starting from BigFix Compliance Analytics V2.0 and later, the home page defaults to the Overview report that provides a graphical representation of the Policy History, Computers by Policy Quartile, and Check Results History for all PCI DSS Policies.
      - Viewing the Policy View List report
        The Policy View List report shows a list of policies that provide the cumulative state aggregated on the level of a specific PCI DSS requirement or milestone. Results from the Requirements and Milestones reports include summary views at the home page or on the computer level.
      - Viewing the Policy View Overview report
        The Policy Overview report shows information about a single policy and overall, historical compliance for the policy as applied to all computers visible to logged in users.
      - Viewing the Policy Checklist List report
        A policy checklist is based on the policy views or compliance approaches that are made available in BigFix Compliance Analytics V2.0.9. It contains a collection of checks that may belong to multiple PCI DSS checklists or sites.
      - Viewing the Policy Checklist Overview report
        The Policy Checklist Overview report shows information about a single policy checklist, which may contain checks from multiple PCI DSS checklists or sites. It includes information such as the quantity of checks in the policy checklist, and the overall, historical aggregate compliance for the policy checklist as applied to all computers visible to logged in users.
      - Viewing the Checks List report
        The Checks List report shows the list of checks available in a policy checklist.
      - Viewing the Checks Overview report
        The Checks Overview report shows detailed information about a check, such as the source information, description, and remediation steps. It also contains overall, historical aggregate compliance of the check as evaluated by all computers visible to logged in users.
      - Viewing the Check Results List report
        The Check Results List report shows the checklist, check name, computer name, the date when the results were last seen, and the level of compliance. It provides the attributes of each computer and check, and the historical compliance result for each check on each computer.
    - Viewing custom reporting on BigFix Compliance Analytics V1.8 and earlier
  - Creating exceptions
    You can file for the endpoint to be excluded from the PCI DSS checks if some endpoints require compliance to older policies or standards.
- Resources
  You can find more information about Security Configuration Management and PCI DSS in the following resources.

Viewing the Checks List report

The Checks List report shows the list of checks available in a policy checklist.

In the following figure, the Policy Checklist Overview report shows that there are 336 checks available in the PCI DSS Requirement 2 checklist. To view these checks in detail, drill down to the checks by clicking on the link.

Number of available checks in a checklist — Figure 1. Number of available checks in a checklist

You can also access the Check List report from the Policy List report by the Report View drop-down list, which is highlighted in the following figure. This method allows you to view all the checks for a policy view, as well as to drill down to a particular checklist and then view its checks.

Drop-down option to change report views from the Policy List Report — Figure 2. Policy List Report

The Checks report shows the list of checks in the given scope together with the attributes of each check and the overall, historical aggregate compliance results (the aggregate of all visible computer's pass and fail score) of each check. To see the direct reference to a standard, you can configure the report view to display the Source ID.

Drop-down option to change report views from the Policy List Report — Figure 3. List of checks

Alternatively, you can access the overall Checks List report from the Overview report in the home page. You can then filter the checks according to your preference.

Overview report with the highlighted Checks link — Figure 4. Overview report with the highlighted Checks link