FIM+ and IBM® Compliance Center

Statement of Direction – MainTegrity FIM+®

Support for IBM® Z Security and Compliance Center

MainTegrity FIM+ will provide File Integrity Monitoring (FIM) data to IBM Z Security and Compliance Center, consistent with the announced specifications of May 27, 2022. MainTegrity will enhance, FIM+ to provide information specifically required for controls 10.5 (FIM required) and 11.5 (monitor log files) for alteration in the PCI/DSS standard. The IBM Compliance Center collects this and other data to allow customers to map on-going operational actions to PCI DSS, NIST SP 800.53 and other security standards. FIM+ also provides information relevant to other controls and other compliance standards.

FIM+

As a separate z/OS product, FIM+ provides real-time file integrity monitoring for z/OS systems. FIM+ improves cyber security with advanced detection of malicious software, faster attack response via forensics browser and granular recovery functions. By delivering real solutions for existing cyber security gaps, FIM+ eliminates many resiliency issues, while addressing current mainframe reporting with compliance controls. In addition to controls in PCI-DSS and NIST SP800.53, FIM+ also addresses requirements in ISO27001, Cyber Resiliency for Financial Infrastructures, GDPR, SOX, and other common security standards. For a full list visit maintegrity.com/compliance/

Customer value

As specified in the IBM announcement FAQ “you might reduce … audit prep by over 40%”. FIM+ could further increase customer savings by satisfying controls that would otherwise require manual updating, for instance PCI / DSS 10.5 and 11.5. FIM+ will supply all the data required for input to many controls when requested by the IBM compliance app. FIM+ currently has all the require connectivity to make use of the templating and reporting capabilities provided. Availability will be consistent with customer requirement.