Policy Auditor (PA) was introduced in HBSS Baseline 2.0. PAPolicy Auditor is responsible for ensuring compliance with mandates such as: [[PCIPayment DSSCard Industry Data Security Standard]] (PCI DSS), [[Sarbanes–Oxley Act|SOX of 2002]] (SOX), [[GLBAGramm–Leach–Bliley Act]] of 1999 (GLBA), [[HIPAAHealth Insurance Portability and Accountability Act of 1996]] (HIPAA), [[FISMAFederal Information Security Management Act of 2002]] (FISMA), as well as the best practice frameworks [[ISO 27001]] and Control Objectives for Information and Related Technology ([[COBIT]]). PA maps IT controls against predefined policy content, McAfee Policy Auditor helps report consistently and accurately against key industry mandates and internal policies across your infrastructure or on specific targeted systems. Policy Auditor is an agent-based IT audit solution that leverages the Security Content Automation Protocol (SCAP) to automate the processes required for internal and external IT audits.<ref>'''{{cite web|title=McAfee Policy Auditor'''.|url=http://www.mcafee.com/us/enterprise/products/system_security/clients/policy_auditorpolicy-auditor.html,3/14/2010aspx|accessdate=15 November 2012}}</ref>
