In the General Information section, provide general control information. This information appears in control details when the control is added to a policy and when included in policy compliance reports. You can also search for controls in the controls list using this general information. For example, perform a search for text included in the control statement or for controls within a particular category.
Statement. Provide a control statement that describes how the control should be implemented in the environment.
Category. Select the control category, such as Access Control Requirements, Database Settings, and Services.
Sub-Category. Select the control sub-category, such as Account Creation/User Management, DB Encryption, and Patch Management. The drop-down list includes sub-categories that are relevant to the selected Category.
Comments. Enter comments for the control. The comments appear when you view the technical control information from the controls list.
Once saved, the service will assign the control a unique control ID (CID). The CID is visible when you edit the control and when you view Technical Control Information from the controls list.