IBM Z® Security and Compliance Center (zSCC) is an integrated set of microservices that collects evidence data from participating IBM software components and products. It works with products and elements on your IBM Z platform running z/OS® or Linux® on Z system to collect and validate compliance data. 

IBM LinuxONE Security and Compliance Center offers function equivalent to IBM Z Security and Compliance Center for the LinuxONE platform.

Compliance audits are often a major time drain, taking staff away from more pressing efforts to satisfying auditor’s demands and stitching together data from multiple sources. Fighting mainframe compliance “drift"—maintaining, updating and adding new processes for compliance—can be a costly effort.

The IBM Z and LinuxONE Security and Compliance Center will help take the complexity out of your compliance workflow and the ambiguity out of audits.

Features

• **Keep data on platform: **Regulatory controls are translated to be IBM Z and LinuxONE-specific.
• **Centralized dashboard: **A set of security requirements protects cardholder data throughout its lifecycle.
• **Native evidence writing: **System-generated, time-stamped evidence provides added security.
• **Enterprise-level compliance: **Security and compliance management are driven by triggered evidence.
• **Customizable compliance frameworks: **Frameworks define security requirements for cloud services used by US Department of Defense.
• **Identify compliance misconfigurations: **Sysplexes deliver and store compliant, relevant data.

Benefits

• **Time and resource savings: **You might reduce audit prep from one month to one week and reduce the team on audit prep by over 40%.
• **Continuous monitoring: **Automated tracking stays current, even as regulations drift. A unified dashboard tracks ongoing compliance.
• **Process standardization: **Clarify processes and reduce the risk of less-experienced users misinterpreting changing regulations.
• **Automation and visibility: **Automate data validation against goals to help increase visibility into potential compliance oversights.
• **Auditor collaboration: **CISOs and auditors receive current views of compliance to accelerate the remediation process.
• **Increased visibility: **Automate data collection and validation against goals to increase visibility into compliance oversights.