A Single Control
@@ -114,7 +114,6 @@
A name given to the group, which may be used by a tool for display and navigation.
-
@@ -138,7 +137,6 @@
-
&allowed-values-control-group-property-name;
@@ -151,7 +149,7 @@
A group
may have its own properties, statements, parameters, and references, which are inherited by all members of that group.
-
+
My Group
@@ -183,7 +181,6 @@
A name given to the control, which may be used by a tool for display and navigation.
-
@@ -268,7 +265,7 @@
A control must have a part with the name "statement", which represents the textual narrative of the control. This "statement" part must occur only once, but may have nested parts to allow for multiple paragraphs or sections of text.
-
+
Control 1
diff --git a/src/metaschema/oscal_control-common_metaschema.xml b/src/metaschema/oscal_control-common_metaschema.xml
index 764d5f21da..af7afa4739 100644
--- a/src/metaschema/oscal_control-common_metaschema.xml
+++ b/src/metaschema/oscal_control-common_metaschema.xml
@@ -9,7 +9,7 @@
xmlns="http://csrc.nist.gov/ns/oscal/metaschema/1.0" xsi:schemaLocation="http://csrc.nist.gov/ns/oscal/metaschema/1.0 ../../build/metaschema/toolchains/xslt-M4/validate/metaschema.xsd" abstract="yes">
OSCAL Control Catalog Format -- Common Models
1.0.4
- oscal-catalog-common
+ oscal-control-common
http://csrc.nist.gov/ns/oscal/1.0
http://csrc.nist.gov/ns/oscal
@@ -74,6 +74,9 @@
&allowed-values-control-group-property-name;
+
+ Type of The Risk Management Framework 800-53A method to be use for assessment.
+
A part
provides for logical partitioning of prose, and can be thought of as a grouping structure (e.g., section). A part
can have child parts allowing for arbitrary nesting of prose content (e.g., statement hierarchy). A part
can contain prop
objects that allow for enriching prose text with structured name/value information.
@@ -84,10 +87,10 @@
Multiple Parts with Different Organization-Specific Names
-
- Something FedRAMP Cares About
- Something DoD Cares About
-
+
+ A requirement specific to FedRAMP stakeholders.
+ A requirement specific to the Department of Defense stakeholders.
+
@@ -98,12 +101,10 @@
Parameter
Parameters provide a mechanism for the dynamic assignment of value(s) in a control.
-
param
Parameter Identifier
-
A human-oriented, locally unique identifier with cross-instance scope that can be used to reference this defined parameter elsewhere in this or other OSCAL instances. When referenced from another OSCAL instance, this identifier must be referenced in the context of the containing resource (e.g., import-profile). This id should be assigned per-subject, which means it should be consistently used to identify the same subject across revisions of the document.
@@ -143,16 +144,14 @@
guideline
-
-
value
- A set of values provided in a catalog can be redefined at any higher layer of OSCAL (e.g., Profile).
+ A set of values provided in a catalog can be redefined in OSCAL's profile
or system-security-plan
models.
@@ -163,7 +162,6 @@
-
@@ -184,16 +182,13 @@
-
Constraint
A formal or informal expression of a constraint or test
-
Constraint Description
A textual summary of the constraint to be applied.
-
Constraint Test
A test expression which is expected to be evaluated by a tool.
@@ -216,12 +211,10 @@
Guideline Text
Prose permits multiple paragraphs, lists, tables etc.
-
-
Parameter Value
A parameter value or set of values.
@@ -245,10 +238,8 @@
A value selection among several such options
choice
value
-
-
A set of parameter value choices, that may be picked from to set the parameter value.
diff --git a/src/metaschema/oscal_profile_metaschema.xml b/src/metaschema/oscal_profile_metaschema.xml
index 6ed1d5bf7b..78ed9eafcc 100644
--- a/src/metaschema/oscal_profile_metaschema.xml
+++ b/src/metaschema/oscal_profile_metaschema.xml
@@ -109,7 +109,7 @@
-
+
Whenever combining controls from multiple (import) pathways, an issue arises of what to do with clashing invocations (multiple competing versions of a control).
@@ -124,7 +124,7 @@
As-Is Structuring Directive
- An As-is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes.
+ An As-Is element indicates that the controls should be structured in resolution as they are structured in their source catalogs. It does not contain any elements or attributes.
Custom grouping
@@ -150,7 +150,7 @@
- Control group
+ Control Group
A group of (selected) controls or of groups of controls