Security Governance Overview
What Is Security Governance?
Security Governance in SecMaster can help you quickly assess how well your workloads comply with some security standards and practices. Based on Huawei Cloud Service Cybersecurity & Compliance Standard (3CS), it offers security governance templates to help you comply with PCI DSS, ISO 27701, ISO 27001, and more. It automatically checks your services against preset compliance policies and displays compliance status in an intuitive way. You can download check reports to check details.

Before using security governance in SecMaster, you need to submit a service ticket to enable the service.
Application Scenarios
Security Governance in SecMaster can help you easily assess how well your cloud workloads comply with applicable security standards, regulations, and laws. You will quickly find the gap, rectify issues, and get related certification faster. SecMaster provides security governance templates and compliance policy scanning services. The standard clauses in security compliance packs have been converted into check items. If you subscribe to a compliance pack, SecMaster can automatically check your workload compliance with check items in the pack and generate a report for you.
Features
Security Governance provides you with security governance templates and checks your services based on regulation terms in the compliance packs.
- Compliance Pack
Huawei's security governance templates include detailed terms, scan policies, compliance evaluation items, and improvement suggestions from Huawei experts, covering PCI DSS, ISO27701, ISO27001, privacy protection, and other standards. You can subscribe to and unsubscribe from compliance packs and view results.
- Policy Check
The compliance status of cloud assets is checked periodically through code-based scanning. You can view compliance risks on the dashboard, and obtain corresponding improvement suggestions from our experts.
- Compliance Evaluation
Security Governance integrates regulatory clauses and standard requirements into compliance pack check items. You complete evaluation of your services using the compliance pack, and view evaluation results. You can also view historical results, upload and download evidence, and take actions based on suggestions from our experts.
- Result Display
Security Governance displays the evaluation results and compliance status on the dashboard, including the compliance rates of the compliance packs you subscribed to, and the compliance rate of each term the regulations and standards, each security, as well as the policy check results.
Advantages
- Compliance as a Service
Security Governance provides the unified Cloud Service Cybersecurity & Compliance Standard (3CS). It integrates regulatory clauses and standard requirements into your business and information technologies by providing various 3CS-based security governance templates.
- Improved Efficiency
Security Governance opens security governance templates for you to be compliant with PCI DSS, ISO 27701, and ISO 27001, providing compliance policies and evaluation items. With your authorization, Security Governance automatically scans your cloud assets against compliance policies, and the service evaluation items help you quickly manage the compliance status. You can download compliance reports in few clicks.
- Intuitive Display
Security Governance presents both the overall compliance information and requirement-specific compliance status on the dashboard. You can easily identify potential problems and take actions based on expert suggestions.
Process of Using SecMaster
Table 1 shows the process of using SecMaster security governance.

Step |
Description |
---|---|
Before using security governance, you need to authorize SecMaster to access your cloud service resources. After that, you can check cloud assets on security compliance through policy scanning. |
|
SecMaster provides different security compliance packs. You can subscribe to the one that best fits your needs. |
|
You can execute check items in the compliance pack you subscribe to and evaluate your service compliance. |
|
Viewing the result |
After policy scanning or self-assessment, you can view the security governance status.
|
Security Governance provides security compliance reports. You can download the reports to learn of how well your services comply with mainstream security standards. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot