Qualys Security Assessment Questionnaire.

Let Qualys SAQ’s wizard walk you through the creation of campaigns, including assigning deadlines and configuring notifications

Create questionnaires with Qualys SAQ’s drag-and-drop UI, or tap Qualys SAQ’s template library of surveys for regulations like HIPAA, Basel 3 and SOX, and industry standards like PCI

Require that respondents attach evidence files for certain answers

Form questions with various types of answer formats, such as multiple-choice check boxes, drop-down menus and open-ended text boxes

Configure questions to be dynamically shown or hidden based on a prior response

Design campaigns with different workflows: Accept surveys once they’ve been completed by respondents, or require extra steps, such as supervisor reviews and approvals

Assign criticality levels to questions, and a score for answer options in the questionnaire templates. The question criticality scale is customizable with labels and answer weights

Allow respondents to delegate questions to peers that are better able to answer them

Enter respondent emails in the Qualys SAQ web console and Qualys SAQ auto-provisions the surveys, sending out links to the web-based questionnaires

Centrally manage and track the progress of all of your campaigns

Monitor response activity in dashboards updated in real time, and literally watch as questions are answered

Let supervisors review the format and content of questionnaires before they’re launched and even while a campaign is in progress

Set up recurring campaigns that need to be run with a specific frequency

Support a wide variety of risk assessment use cases within your organization and externally with your vendors, contractors, partners and consultants, including:

• Auditing current vendors to make sure they remain compliant
• Evaluating vendors bidding for your business
• Assessing for the first time a key supplier you just signed up
• Conducting a “postmortem” assessment of a slip-up by one of your third parties
• Verifying your employees understand IT security and compliance policies and procedures

Quickly and efficiently completing questionnaires from any browser at any time

Securely attaching evidence files with drag-and-drop convenience

Delegating questions to other users or user groups based on their role

Receiving reminder emails regarding due dates and completion status

Provide high-level dashboards for executives and detailed views for internal auditors and compliance officers

When generating reports, filter data by question criticality and answer scores to derive an overall risk score or identify high risk areas

Create custom dashboards designed to reflect the risk and compliance postures of specific third parties

Slice and dice campaign results using a variety of criteria, such as by vendor, respondent or specific questions

Generate proof of compliance with detailed reports