forked from usnistgov/oscal-content
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Assessment Plan, Result, and POA&M Models (#681)
* Renamed group-as names to make them more consistent. * Moved levergaed-authorizations to system-implementation. Made system-implementation and control-implementation required. * Added metadata and fixed other front matter in content * Updated examples with AU-5 mock-up data * Filled in missing titles and descriptions. Added role/user. * Updates to examples. Tweak to SSP Metaschema * Adding metaschema support for UUIDs. Implemented uuids addressing issue #676. * Fixed broken schema and schematron paths. * Fixed content to use new uuid-based flags. * Profile resolution test set update to M3 models * Updating profile resolver; renaming uuid support XSLT (usnistgov#42) * Removed SSL certificate check for wget to deal with broken SSL cert on apache archive site. * Updated OSCAL version in metaschema files. * Migrated definition of a system interconnection and service into components. The "service" and "interconnection" component types are now used to define these. (#498) * Flattened party -> org/person to be just party. Party now has a type which identifies if the party is a person or organization. * Added SHA-3 algorithms to the hash algorithm list. (#632) * Fixed Docker container to run scripts that require in-place editing. * Fixed SSP elements that reference a component UUID, but lacked the correct type. * Added a location title. * Updating metaschema support to fix bug (usnistgov/metaschema#56). * Added "homepage" link relation. * Fixed message error in round-trip validation which indicated the wrong type of conversion as compared to what was actually happening. Fixed remaining round-trip issues. * Updated Assessment Metaschemas * Updated FedRAMP Profiles * WIP - UUID transition prep * WIP assessment * Finished UUID Transition * Significant assessment metaschema updates * Assessment metaschema changes * Assessment metaschema changes * party assembly tweaks * Assessment Metaschema Updates * Updated FedRAMP Profiles * additional assessment model tweaks * SAR and POA&M Model Adjustments * Metaschema gymnastics * Fixed invalid content. * SSP Example - Remove Schema Line * Baselines with relative path to catalog * Baseline path tweaks Co-authored-by: David Waltermire <[email protected]> Co-authored-by: Wendell Piez <[email protected]> Co-authored-by: Wendell Piez <[email protected]>
- Loading branch information
1 parent
8bdd6fd
commit 07e0811
Showing
11 changed files
with
42,178 additions
and
70,405 deletions.
There are no files selected for viewing
12,564 changes: 9,681 additions & 2,883 deletions
12,564
fedramp.gov/xml/FedRAMP_HIGH-baseline_profile.xml
Large diffs are not rendered by default.
Oops, something went wrong.
3,249 changes: 1,734 additions & 1,515 deletions
3,249
fedramp.gov/xml/FedRAMP_LI-SaaS-baseline_profile.xml
Large diffs are not rendered by default.
Oops, something went wrong.
5,775 changes: 4,620 additions & 1,155 deletions
5,775
fedramp.gov/xml/FedRAMP_LOW-baseline_profile.xml
Large diffs are not rendered by default.
Oops, something went wrong.
10,506 changes: 8,141 additions & 2,365 deletions
10,506
fedramp.gov/xml/FedRAMP_MODERATE-baseline_profile.xml
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,38 +1,34 @@ | ||
<!-- Produced by SP800-53-profile-with-filter.xsl 2018-05-14-04:00 | ||
runtime parameter settings: $baseline='HIGH' --> | ||
<profile | ||
xmlns="http://csrc.nist.gov/ns/oscal/1.0" | ||
id="uuid-9d0593f5-c6ed-44b8-9127-ad5c310f8e34"> | ||
<profile xmlns="http://csrc.nist.gov/ns/oscal/1.0" uuid="9d0593f5-c6ed-44b8-9127-ad5c310f8e34"> | ||
<metadata> | ||
<title>NIST Special Publication 800-53 Revision 4 HIGH IMPACT BASELINE</title> | ||
|
||
<last-modified>2019-09-23T14:22:55.113-04:00</last-modified> | ||
<last-modified>2020-05-29T23:29:27.272-04:00</last-modified> | ||
<version>2015-01-22</version> | ||
<oscal-version>1.0.0-milestone1</oscal-version> | ||
<oscal-version>1.0.0-milestone3</oscal-version> | ||
|
||
<role id="creator"><title>Document Creator</title></role> | ||
<role id="contact"><title>Contact</title></role> | ||
|
||
<party id="IT-JTF"> | ||
<org> | ||
<org-name>Joint Task Force, Transformation Initiative</org-name> | ||
<address> | ||
<addr-line>National Institute of Standards and Technology</addr-line> | ||
<addr-line>Attn: Computer Security Division</addr-line> | ||
<addr-line>Information Technology Laboratory</addr-line> | ||
<addr-line>100 Bureau Drive (Mail Stop 8930)</addr-line> | ||
<city>Gaithersburg</city> | ||
<state>MD</state> | ||
<postal-code>20899-8930</postal-code> | ||
</address> | ||
<email>[email protected]</email> | ||
</org> | ||
<party uuid="31a5dd8f-978a-4558-8ade-846211607d40" type="organization"> | ||
<party-name>Joint Task Force, Transformation Initiative</party-name> | ||
<address> | ||
<addr-line>National Institute of Standards and Technology</addr-line> | ||
<addr-line>Attn: Computer Security Division</addr-line> | ||
<addr-line>Information Technology Laboratory</addr-line> | ||
<addr-line>100 Bureau Drive (Mail Stop 8930)</addr-line> | ||
<city>Gaithersburg</city> | ||
<state>MD</state> | ||
<postal-code>20899-8930</postal-code> | ||
</address> | ||
<email>[email protected]</email> | ||
</party> | ||
<responsible-party role-id="creator"> | ||
<party-id>IT-JTF</party-id> | ||
<party-uuid>31a5dd8f-978a-4558-8ade-846211607d40</party-uuid> | ||
</responsible-party> | ||
<responsible-party role-id="contact"> | ||
<party-id>IT-JTF</party-id> | ||
<party-uuid>31a5dd8f-978a-4558-8ade-846211607d40</party-uuid> | ||
</responsible-party> | ||
</metadata> | ||
<import href="#catalog"> | ||
|
@@ -1238,7 +1234,7 @@ | |
</alter> | ||
</modify> | ||
<back-matter> | ||
<resource id="catalog"> | ||
<resource uuid="catalog"> | ||
<desc>NIST Special Publication 800-53 Revision 4: Security and Privacy Controls for Federal | ||
Information Systems and Organizations</desc> | ||
<rlink href="NIST_SP-800-53_rev4_catalog.xml" media-type="application/oscal.catalog+xml"/> | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,38 +1,34 @@ | ||
<!-- Produced by SP800-53-profile-with-filter.xsl 2018-05-14-04:00 | ||
runtime parameter settings: $baseline='LOW'--> | ||
<profile | ||
xmlns="http://csrc.nist.gov/ns/oscal/1.0" | ||
id="uuid-13172679-d468-4a88-8d7f-3afdeffedff8"> | ||
<profile xmlns="http://csrc.nist.gov/ns/oscal/1.0" uuid="13172679-d468-4a88-8d7f-3afdeffedff8"> | ||
<metadata> | ||
<title>NIST Special Publication 800-53 Revision 4 LOW IMPACT BASELINE</title> | ||
|
||
<last-modified>2019-09-23T14:24:06.243-04:00</last-modified> | ||
<last-modified>2020-05-29T23:29:27.272-04:00</last-modified> | ||
<version>2015-01-22</version> | ||
<oscal-version>1.0.0-milestone1</oscal-version> | ||
<oscal-version>1.0.0-milestone3</oscal-version> | ||
|
||
<role id="creator"><title>Document Creator</title></role> | ||
<role id="contact"><title>Contact</title></role> | ||
|
||
<party id="IT-JTF"> | ||
<org> | ||
<org-name>Joint Task Force, Transformation Initiative</org-name> | ||
<address> | ||
<addr-line>National Institute of Standards and Technology</addr-line> | ||
<addr-line>Attn: Computer Security Division</addr-line> | ||
<addr-line>Information Technology Laboratory</addr-line> | ||
<addr-line>100 Bureau Drive (Mail Stop 8930)</addr-line> | ||
<city>Gaithersburg</city> | ||
<state>MD</state> | ||
<postal-code>20899-8930</postal-code> | ||
</address> | ||
<email>[email protected]</email> | ||
</org> | ||
<party uuid="fcde62b1-8cce-4a57-a26b-b07ad2865ae1" type="organization"> | ||
<party-name>Joint Task Force, Transformation Initiative</party-name> | ||
<address> | ||
<addr-line>National Institute of Standards and Technology</addr-line> | ||
<addr-line>Attn: Computer Security Division</addr-line> | ||
<addr-line>Information Technology Laboratory</addr-line> | ||
<addr-line>100 Bureau Drive (Mail Stop 8930)</addr-line> | ||
<city>Gaithersburg</city> | ||
<state>MD</state> | ||
<postal-code>20899-8930</postal-code> | ||
</address> | ||
<email>[email protected]</email> | ||
</party> | ||
<responsible-party role-id="creator"> | ||
<party-id>IT-JTF</party-id> | ||
<party-uuid>fcde62b1-8cce-4a57-a26b-b07ad2865ae1</party-uuid> | ||
</responsible-party> | ||
<responsible-party role-id="contact"> | ||
<party-id>IT-JTF</party-id> | ||
<party-uuid>fcde62b1-8cce-4a57-a26b-b07ad2865ae1</party-uuid> | ||
</responsible-party> | ||
</metadata> | ||
<import href="#catalog"> | ||
|
@@ -744,7 +740,7 @@ | |
</alter> | ||
</modify> | ||
<back-matter> | ||
<resource id="catalog"> | ||
<resource uuid="catalog"> | ||
<desc>NIST Special Publication 800-53 Revision 4: Security and Privacy Controls for Federal | ||
Information Systems and Organizations</desc> | ||
<rlink href="NIST_SP-800-53_rev4_catalog.xml" media-type="application/oscal.catalog+xml"/> | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,38 +1,34 @@ | ||
<!-- Produced by SP800-53-profile-with-filter.xsl 2018-05-14-04:00 | ||
runtime parameter settings: $baseline='MODERATE'--> | ||
<profile | ||
xmlns="http://csrc.nist.gov/ns/oscal/1.0" | ||
id="uuid-f5c7fb3c-b4d8-49ff-9ebf-cd6d484c2d7b"> | ||
<profile xmlns="http://csrc.nist.gov/ns/oscal/1.0" uuid="f5c7fb3c-b4d8-49ff-9ebf-cd6d484c2d7b"> | ||
<metadata> | ||
<title>NIST Special Publication 800-53 Revision 4 MODERATE IMPACT BASELINE</title> | ||
|
||
<last-modified>2019-09-23T14:25:40.027-04:00</last-modified> | ||
<last-modified>2020-05-29T23:29:27.272-04:00</last-modified> | ||
<version>2015-01-22</version> | ||
<oscal-version>1.0.0-milestone1</oscal-version> | ||
<oscal-version>1.0.0-milestone3</oscal-version> | ||
|
||
<role id="creator"><title>Document Creator</title></role> | ||
<role id="contact"><title>Contact</title></role> | ||
|
||
<party id="IT-JTF"> | ||
<org> | ||
<org-name>Joint Task Force, Transformation Initiative</org-name> | ||
<address> | ||
<addr-line>National Institute of Standards and Technology</addr-line> | ||
<addr-line>Attn: Computer Security Division</addr-line> | ||
<addr-line>Information Technology Laboratory</addr-line> | ||
<addr-line>100 Bureau Drive (Mail Stop 8930)</addr-line> | ||
<city>Gaithersburg</city> | ||
<state>MD</state> | ||
<postal-code>20899-8930</postal-code> | ||
</address> | ||
<email>[email protected]</email> | ||
</org> | ||
<party uuid="316876e2-5c7b-4a60-a488-2ed977238f04" type="organization"> | ||
<party-name>Joint Task Force, Transformation Initiative</party-name> | ||
<address> | ||
<addr-line>National Institute of Standards and Technology</addr-line> | ||
<addr-line>Attn: Computer Security Division</addr-line> | ||
<addr-line>Information Technology Laboratory</addr-line> | ||
<addr-line>100 Bureau Drive (Mail Stop 8930)</addr-line> | ||
<city>Gaithersburg</city> | ||
<state>MD</state> | ||
<postal-code>20899-8930</postal-code> | ||
</address> | ||
<email>[email protected]</email> | ||
</party> | ||
<responsible-party role-id="creator"> | ||
<party-id>IT-JTF</party-id> | ||
<party-uuid>316876e2-5c7b-4a60-a488-2ed977238f04</party-uuid> | ||
</responsible-party> | ||
<responsible-party role-id="contact"> | ||
<party-id>IT-JTF</party-id> | ||
<party-uuid>316876e2-5c7b-4a60-a488-2ed977238f04</party-uuid> | ||
</responsible-party> | ||
</metadata> | ||
|
||
|
@@ -1102,7 +1098,7 @@ | |
</alter> | ||
</modify> | ||
<back-matter> | ||
<resource id="catalog"> | ||
<resource uuid="catalog"> | ||
<desc>NIST Special Publication 800-53 Revision 4: Security and Privacy Controls for Federal | ||
Information Systems and Organizations</desc> | ||
<rlink href="NIST_SP-800-53_rev4_catalog.xml" media-type="application/oscal.catalog+xml"/> | ||
|
Oops, something went wrong.