Skip to main content

Compliance Readiness Checklist

Updated over a week ago

Use this checklist to ensure your organization meets core device-security controls across macOS, Windows, and Linux. You can view each control’s status on an individual device’s Security Compliance pane or in the global Compliance Center.


1. Auto-apply Security Patches (Control SW-1)

What it is:
Devices automatically download and install operating system and application updates.


How to verify:

  • Per-device view: “Software Update policy” shows Deployed.

  • Compliance Center: SW-1 status is Complete.
    Policy to configure:

  • macOS – Software Update Policy

  • Windows – Windows Software Update Policy

  • Linux – Linux Software Update Policy


2. Screensaver Lock & Full-Disk Encryption (Control SW-2)

Sub-Control

What it is

How to verify

Policy to configure

Screensaver lock

Locks the screen after inactivity.

Status Deployed

Screensaver Policy

Full-disk encryption

Ensures the startup disk is encrypted at rest.

Status Turned On or Deployed

macOS – FileVault Policy Windows – BitLocker Auto Policy


3. Login Window Policy (Control SW-4)

What it is:
Configures the login window to require credentials and display user names appropriately.
How to verify:

  • Per-device view: “Login Window policy” shows Deployed.

  • Compliance Center: SW-4 status is Complete.
    Policy to configure:

  • macOS – Login Window Policy


4. Password Validation & Manager (Control SW-5)

Sub-Control

What it is

How to verify

Policy to configure

Password complexity & history

Enforces minimum length, complexity, age, history, and reuse rules.

Shows Deployed

Password Policy (macOS, Windows, Linux)

Password-manager installation

Ensures an approved password-manager app is present on all devices.

Shows Deployed

Add the “Password Manager” App Policy


5. (Optional) Malware Detection

What it is:
Ensures an antivirus solution is installed and running.
How to verify:

  • Per-device view: “Device must have Antivirus installed” shows Deployed.
    Policy to configure:

  • Antivirus Installation Policy


Where to Check Status

  1. Per-Device Security Compliance

    • From Device Management > Device Inventory, click any device’s row to open its details pane.

    • Under Security Compliance, each control lists its Requirements and current Status.

  2. Compliance Center

    • Navigate to Compliance Center in the sidebar.

    • Locate controls SW-1 through SW-5.

    • Incomplete or Not Supported controls include a Recommended Action link—click it to jump straight to the policy setup page.


Pro Tip:

  • If a control shows Not Supported, ensure the device OS meets the policy’s minimum requirements.

  • Use the Generate Report button in either view to export your compliance status for audits or executive review.

Did this answer your question?