Compliance as a Service

Prevalent Compliance as a Service LogoPrevalent Compliance as a Service (PCaaS) offers Prevalent enterprise clients the ability to more easily purchase and deploy compliance service modules tailored to their unique compliance requirements. The modules offer integrated solutions tying software technologies, services, hosting, and management to provide faster automation of regulatory compliance workflows.



The available PCaaS components are:



  • Policy Compliance Service (PCS) 
  • Policy management is the foundation for a mature security and it compliance program. PCS ties the power of the Prevalent Policy Portal and Symantec Control Compliance Suite Policy Manager to Prevalent’s Cloud Compliance Platform.  In addition to a scalable end-user portal for policy review and acceptance, PCS offers full policy life cycle management utilizing Symantec CCS Policy Manager and policy content developed by Symantec.

  • Prevalent Assessment Service (PAS) 
  • PAS is available as a stand-alone service or as an add-on to Prevalent’s Policy Compliance Service.  This service ties Symantec Control Compliance Suite Assessment Manager to Prevalent’s Cloud Compliance Platform.

    • Risk Assessment of Compliance Policy
    • Procedural Controls Management
    • Security Awareness Effectiveness
    • Testing on Computer Based Training
  • Technical Assessment Service (TAS) 
  • This service enables clients to leverage the power of CCS Standards Manager through a cloud platform.  TAS requires that customers host an on-premise Compliance Appliance (CA). The appliance can be a physical appliance, built and delivered by Prevalent, or a virtual Compliance Appliance (vCA) that can be delivered as an image.

    The Compliance Appliance is responsible for the secure delivery of technical configuration information into the Prevalent Compliance as a Service Cloud.  It leverages technical collection technology from Symantec CCS and Prevalent in a 1U form factor supported by Prevalent Networks operations personnel.

  • Prevalent Vendor Assess (PVA) 
  • The PVA program allows organizations to purchase a vendor risk management program in a fixed-price, fixed-deliverable package that is flexible enough to map to your existing controls, but standardized for people that want an “out of the box” solution. The solution is priced based on the number of vendor assessments you will manage in the solution, but can easily scale to add any number of vendor assessments you choose. It includes the process consulting to help map the vendor risk automation, Prevalent Compliance as a Service including Prevalent Vendor Risk Manager, and optionally the vendor risk operational staff if you want support in collecting and analyzing vendor risk evidence.

  • Risk Management Service (RMS) 
  • RMS enables clients to leverage the power of Symantec CCS Risk Manager hosted in the Prevalent Compliance as a Service Cloud and managed by Prevalent staff. The solution allows organizations to track their security and compliance metrics with information collected within the IT environment from Symantec CCS and other third party security/compliance technologies. Additionally, the service enables organizations to leverage the Symantec Protection Center Mobile application to review this evidence in the convenient form factor of an iPad application.

  • Vulnerability Assessment Service (VAS) 
  • VAS allows organizations to provide end-to-end discovery and vulnerability assessment of Web applications, databases, servers, and network devices.  Advanced reporting and risk scoring distinguishes potential vulnerabilities from real threats so that you can address your most critical and exploitable vulnerabilities first.  The solution leverages the power of Symantec CCS Vulnerability Manager hosted in the Prevalent Compliance as a Service cloud and managed by Prevalent.


  • Contact Us

  • Request a Demo