Compliance engine routes and escalates violations to specific teams and individuals. Using tags and other data from CMDB, compliance engine will identify security and compliance contacts for every configuration item involved in a violation. Assigning remediation tasks to the most appropriate team is the first step in pursuing expedited resolution. Using violation routing feature, SecDevOps teams can reduce their workloads by automatically forwarding remediation requests directly to the account and application owners.

Compliance engine is designed to allow those responsible for remediation to request an appeal from cloud security and compliance operations. Using Cloudaware CMDB workflows, appeal request can be escalated to multiple stakeholders. Ignoring violations even for legitimate reasons creates poor security governance culture where subsequently legitimate violations are likely to be ignored at some point. By dealing with legitimate violations using a process driven approach where no violation remains ignored, security teams not only protect cloud infrastructure, but also nurture culture of responsibility and transparency.

Approval workflows allow compliance engine administrators to create automated processes to handle appeal requests in response to compliance violations. Compliance engine supports advanced approval workflows where multiple concurrent stakeholders are required for a sign off as well as staggered processes where various department representatives will sign off sequentially. Cloudaware approval workflows feature is designed to avoid situations where violations are in a dead end state and are ignored.

Compliance engine provides insightful indicators about how various teams are handling compliance violations. Besides standard metrics, such as violation volume over time and mean time to repair, compliance engine dashboards show which teams are overloaded with violations and will not be able to resolve violations within a pre-configured timeline. Customers are able to compare their statistics, such as mean time to repair, exception rate and others against statistical average of other Cloudaware customers. This feature helps customers to establish a point of reference of how they are performing relative to the industry standard and whether their processes require an improvement.