Compliance & Reporting
PatchCTL helps meet compliance requirements for patch management.
Compliance Frameworks
PatchCTL supports documentation for:
- SOC 2 - System and Organization Controls
- PCI DSS - Payment Card Industry
- HIPAA - Health Insurance Portability
- ISO 27001 - Information Security
- CIS Controls - Center for Internet Security
Compliance Score
Your compliance score reflects:
- Percentage of servers fully patched
- No pending security updates
- No critical CVEs
Score calculation:
Compliant Servers / Total Servers × 100
Audit Trail
PatchCTL maintains complete audit logs:
- Who performed actions
- What was changed
- When changes occurred
- Which servers affected
Access via Settings → Audit Logs.
Compliance Reports
Available Reports
Compliance Summary
- Overall compliance score
- Servers by patch status
- Outstanding security updates
- Trend over time
CVE Exposure Report
- Vulnerabilities by severity
- Affected systems
- Remediation timeline
- Risk assessment
Patch History Report
- All patches applied
- Success/failure rates
- Timeline of changes
- Package details
Generating Reports
- Go to Reports
- Select report type
- Choose date range
- Filter by servers (optional)
- Generate PDF
Scheduled Reports
Automate report generation:
- Settings → Scheduled Reports
- Add schedule
- Configure report type and frequency
- Add recipient emails
Evidence Collection
For auditors, PatchCTL provides:
- Exportable reports (PDF)
- API access to data (coming soon)
- Audit log exports
- Point-in-time snapshots