| CPC H04L 63/1425 (2013.01) [H04L 63/20 (2013.01)] | 11 Claims |
|
1. A compliance monitoring platform, comprising:
a plurality of internal assets of an enterprise, each of the plurality of internal assets being subject to at least one compliance standard;
a computing device including a processor and a memory, the memory storing instructions which, when executed, cause the computing device to:
collect a plurality of publicly available authoritative sources including:
a set of regulatory compliance rules; and
cyber threat intelligence information;
collect a plurality of internal policies corresponding to the plurality of internal assets, the internal policies including a risk landscape;
align and cross-map the plurality of publicly available authoritative sources, the plurality of internal policies, and the plurality of internal assets;
overlay the set of regulatory compliance rules with the plurality of internal policies;
overlay the cyber threat intelligence information with the risk landscape;
detect a change in at least one of the publicly available authoritative sources, the plurality of internal policies, and the plurality of internal assets;
determine an adequacy of the plurality of internal policies based on the detected change, the overlaying of the set of regulatory compliance rules with the plurality of internal policies, and the overlaying of the cyber threat intelligence information with the risk landscape;
provide guided assistance for the enterprise to maintain conformance with the at least one compliance standard of each of the plurality of internal assets;
generate a compliance check based on the determination of adequacy when any one of the plurality of publicly available authoritative sources is modified; and
generate an indication of a compliance status for the one of the plurality of internal assets when the one of the plurality of publicly available authoritative sources is modified.
|