DoD SRG FedRAMP+/IL Profile examples #7
Comments
|
Interesting! I'll take a look -- W |
|
Thanks! |
|
@anweiss I haven't taken it the entire distance ... |
|
This is a good start. Appendix D also includes the parameters for the controls and their respective Impact Levels (IL). |
david-waltermire
referenced
this issue
in usnistgov/OSCAL
Apr 3, 2018
# The first commit's message is: # This is a combination of 54 commits. # The first commit's message is: # This is a combination of 4 commits. # The first commit's message is: # This is a combination of 2 commits. # The first commit's message is: # This is a combination of 2 commits. # The first commit's message is: # This is a combination of 6 commits. # The first commit's message is: # This is a combination of 3 commits. # The first commit's message is: # This is a combination of 111 commits. # The first commit's message is: Initial commit of docs branch. # This is the commit message #2: Create CONTRIBUTING.md # This is the commit message #3: Create ROADMAP.md # This is the commit message #4: Update README.md # This is the commit message #5: Create README.md # This is the commit message #6: Update README.md # This is the commit message #7: Update README.md # This is the commit message #8: Create OSCAL-PRODUCERS.md # This is the commit message #9: Create OSCAL-CONSUMERS.md # This is the commit message #10: Update and rename OSCAL-CONSUMERS.md to USERS.md # This is the commit message #11: Update and rename OSCAL-PRODUCERS.md to IMPLEMENTERS.md # This is the commit message #12: Rename CONTRIBUTING.md to CONTRIBUTORS.md # This is the commit message #13: Update README.md # This is the commit message #14: Update README.md # This is the commit message #15: Update USERS.md # This is the commit message #16: Update README.md # This is the commit message #17: Update IMPLEMENTERS.md # This is the commit message #18: Update README.md # This is the commit message #19: Update ROADMAP.md # This is the commit message #20: Update USERS.md # This is the commit message #21: Update CONTRIBUTORS.md # This is the commit message #22: Update README.md # This is the commit message #23: Update README.md # This is the commit message #24: Update IMPLEMENTERS.md # This is the commit message #25: Update IMPLEMENTERS.md # This is the commit message #26: Rename CONTRIBUTORS.md to CONTRIBUTING.md # This is the commit message #27: Create control.md # This is the commit message #28: Update control.md # This is the commit message #29: Update control.md # This is the commit message #30: Update control.md # This is the commit message #31: Update control.md # This is the commit message #32: Add files via upload # This is the commit message #33: Update control.md # This is the commit message #34: Create temp.md # This is the commit message #35: Delete NIST-SP-800-53-Rev4-AC1.png # This is the commit message #36: Add files via upload # This is the commit message #37: Delete temp.md # This is the commit message #38: Add files via upload # This is the commit message #39: Update control.md # This is the commit message #40: Add files via upload # This is the commit message #41: Add files via upload # This is the commit message #42: Update control.md # This is the commit message #43: Update CONTRIBUTING.md # This is the commit message #44: Update CONTRIBUTING.md # This is the commit message #45: Update USERS.md # This is the commit message #46: Update CONTRIBUTING.md # This is the commit message #47: Delete CONTRIBUTING.md # This is the commit message #48: Delete USERS.md # This is the commit message #49: Add files via upload # This is the commit message #50: Delete CSA-CCM-IAM02.png # This is the commit message #51: Update control.md # This is the commit message #52: Update control.md # This is the commit message #53: Update control.md # This is the commit message #54: Update control.md # This is the commit message #55: Update control.md # This is the commit message #56: Update control.md # This is the commit message #57: Update control.md # This is the commit message #58: Update control.md # This is the commit message #59: Update control.md # This is the commit message #60: Update control.md # This is the commit message #61: Delete NIST-SP-800-53-AC1-in-OSCAL-XML.png # This is the commit message #62: Update README.md # This is the commit message #63: Update control.md # This is the commit message #64: Update control.md # This is the commit message #65: Add files via upload # This is the commit message #66: Delete ISO-27001-Control-A9.png # This is the commit message #67: Update control.md # This is the commit message #68: Add files via upload # This is the commit message #69: Add files via upload # This is the commit message #70: Delete ISO-27002-Control-9.1.1-part1.png # This is the commit message #71: Delete ISO-27002-Control-9.1.1-part2.png # This is the commit message #72: Update control.md # This is the commit message #73: Update control.md # This is the commit message #74: Update control.md # This is the commit message #75: Update control.md # This is the commit message #76: Update control.md # This is the commit message #77: Update README.md # This is the commit message #78: Update IMPLEMENTERS.md # This is the commit message #79: Add files via upload # This is the commit message #80: Delete oscal-layers.png # This is the commit message #81: Add files via upload # This is the commit message #82: Delete oscal-layers.png # This is the commit message #83: Add files via upload # This is the commit message #84: Update IMPLEMENTERS.md # This is the commit message #85: Update control.md # This is the commit message #86: Update IMPLEMENTERS.md # This is the commit message #87: Update control.md # This is the commit message #88: Rename IMPLEMENTERS.md to docs/prose/IMPLEMENTERS.md # This is the commit message #89: Rename IMPLEMENTERS.md to implementers.md # This is the commit message #90: Rearranged and outlined catalog documentation based on the conversation with karen and Wendell. # This is the commit message #91: Create catalog-xml.md # This is the commit message #92: Rename control.md to catalog.md # This is the commit message #93: Update catalog.md # This is the commit message #94: Update catalog.md # This is the commit message #95: Update catalog.md # This is the commit message #96: Update catalog-xml.md # This is the commit message #97: Update catalog-xml.md # This is the commit message #98: Update catalog-xml.md # This is the commit message #99: Update catalog-xml.md # This is the commit message #100: Update catalog-xml.md # This is the commit message #101: Update catalog-xml.md # This is the commit message #102: Update catalog-xml.md # This is the commit message #103: Update catalog-xml.md # This is the commit message #104: Update catalog-xml.md # This is the commit message #105: Update catalog-xml.md # This is the commit message #106: Docset migration to Slate # This is the commit message #107: Removing unused file. # This is the commit message #108: Update README.md Corrected a typo # This is the commit message #109: Add files via upload Graphical representation of OSCAL schemas aligned with Risk Management Framework steps and tasks. # This is the commit message #110: Create CONTRIBUTING.md # This is the commit message #111: Create ROADMAP.md # This is the commit message #2: Create README.md # This is the commit message #3: Update README.md # This is the commit message #2: Create OSCAL-PRODUCERS.md # This is the commit message #3: Create OSCAL-CONSUMERS.md # This is the commit message #4: Update and rename OSCAL-CONSUMERS.md to USERS.md # This is the commit message #5: Update and rename OSCAL-PRODUCERS.md to IMPLEMENTERS.md # This is the commit message #6: Rename CONTRIBUTING.md to CONTRIBUTORS.md # This is the commit message #2: Update USERS.md # This is the commit message #2: Update IMPLEMENTERS.md # This is the commit message #2: Update ROADMAP.md # This is the commit message #3: Update USERS.md # This is the commit message #4: Update CONTRIBUTORS.md # This is the commit message #2: Update IMPLEMENTERS.md # This is the commit message #3: Update IMPLEMENTERS.md # This is the commit message #4: Rename CONTRIBUTORS.md to CONTRIBUTING.md # This is the commit message #5: Create control.md # This is the commit message #6: Update control.md # This is the commit message #7: Update control.md # This is the commit message #8: Update control.md # This is the commit message #9: Update control.md # This is the commit message #10: Add files via upload # This is the commit message #11: Update control.md # This is the commit message #12: Create temp.md # This is the commit message #13: Delete NIST-SP-800-53-Rev4-AC1.png # This is the commit message #14: Add files via upload # This is the commit message #15: Delete temp.md # This is the commit message #16: Add files via upload # This is the commit message #17: Update control.md # This is the commit message #18: Add files via upload # This is the commit message #19: Add files via upload # This is the commit message #20: Update control.md # This is the commit message #21: Update CONTRIBUTING.md # This is the commit message #22: Update CONTRIBUTING.md # This is the commit message #23: Update USERS.md # This is the commit message #24: Update CONTRIBUTING.md # This is the commit message #25: Delete CONTRIBUTING.md # This is the commit message #26: Delete USERS.md # This is the commit message #27: Add files via upload # This is the commit message #28: Delete CSA-CCM-IAM02.png # This is the commit message #29: Update control.md # This is the commit message #30: Update control.md # This is the commit message #31: Update control.md # This is the commit message #32: Update control.md # This is the commit message #33: Update control.md # This is the commit message #34: Update control.md # This is the commit message #35: Update control.md # This is the commit message #36: Update control.md # This is the commit message #37: Update control.md # This is the commit message #38: Update control.md # This is the commit message #39: Delete NIST-SP-800-53-AC1-in-OSCAL-XML.png # This is the commit message #40: Update README.md # This is the commit message #41: Update control.md # This is the commit message #42: Update control.md # This is the commit message #43: Add files via upload # This is the commit message #44: Delete ISO-27001-Control-A9.png # This is the commit message #45: Update control.md # This is the commit message #46: Add files via upload # This is the commit message #47: Add files via upload # This is the commit message #48: Delete ISO-27002-Control-9.1.1-part1.png # This is the commit message #49: Delete ISO-27002-Control-9.1.1-part2.png # This is the commit message #50: Update control.md # This is the commit message #51: Update control.md # This is the commit message #52: Update control.md # This is the commit message #53: Update control.md # This is the commit message #54: Update control.md # This is the commit message #2: Update IMPLEMENTERS.md # This is the commit message #3: Add files via upload # This is the commit message #4: Delete oscal-layers.png # This is the commit message #5: Add files via upload # This is the commit message #6: Delete oscal-layers.png # This is the commit message #7: Add files via upload # This is the commit message #8: Update IMPLEMENTERS.md # This is the commit message #9: Update control.md # This is the commit message #10: Update IMPLEMENTERS.md # This is the commit message #11: Update control.md # This is the commit message #12: Rename IMPLEMENTERS.md to docs/prose/IMPLEMENTERS.md # This is the commit message #13: Rename IMPLEMENTERS.md to implementers.md # This is the commit message #14: Rearranged and outlined catalog documentation based on the conversation with karen and Wendell. # This is the commit message #15: Create catalog-xml.md # This is the commit message #16: Rename control.md to catalog.md # This is the commit message #17: Update catalog.md # This is the commit message #18: Update catalog.md # This is the commit message #19: Update catalog.md # This is the commit message #20: Update catalog-xml.md # This is the commit message #21: Update catalog-xml.md # This is the commit message #22: Update catalog-xml.md # This is the commit message #23: Update catalog-xml.md # This is the commit message #24: Update catalog-xml.md # This is the commit message #25: Update catalog-xml.md # This is the commit message #26: Update catalog-xml.md # This is the commit message #27: Update catalog-xml.md # This is the commit message #28: Update catalog-xml.md # This is the commit message #29: Fixed typos, updated repo documentation, and migrated documentation for use in Slate. Corrected a typo (+4 squashed commit) Squashed commit: [6ada57f] Removing unused file. [503ad71] Docset migration to Slate [351257e] Update catalog-xml.md [aae1e8b] Add files via upload Graphical representation of OSCAL schemas aligned with Risk Management Framework steps and tasks.
|
We can do this after we address the FedRAMP baselines (#89). |
|
ping @brianrufgsa @david-waltermire-nist ... do either you know of any examples of profiles for the IL baselines? CC @smichelotti |
|
@anweiss I'm sorry. I do not know of any. The FedRAMP profiles might be a good start for creating the FedRAMP-plus baselines. In theory, a profile author would |
|
Are we planning on hosting the FedRAM+ profiles on our GitHub?
…________________________________
On: 27 February 2020 12:12,
"Brian Ruf" <[email protected]<mailto:[email protected]>> wrote:
@anweiss<https://github.com/anweiss> I'm sorry. I do not know of any. The FedRAMP profiles might be a good start for creating the FedRAMP-plus baselines.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub<https://github.com/usnistgov/OSCAL/issues/108?email_source=notifications&email_token=ADKWGINBCFBOXZ343CBUD43RFANDJA5CNFSM4EQCCJHKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOENFZDYI#issuecomment-592155105>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ADKWGIJYG7W5SSAL5YQUDBTRFANDJANCNFSM4EQCCJHA>.
|
david-waltermire
added a commit
to david-waltermire/oscal-content
that referenced
this issue
Sep 23, 2020
- Implemented Round Trip testing of XML->JSON->XML on content in CI/CD workflow. - Repaired error in catalog and profile metaschemas, with Schematron checks to detect these errors. - Removing whitespace stripping in converted content - Repairing bug in round trip handling of quote marks " (usnistgov#7)
|
All FedRAMP profiles are being maintained in the GSA/fedramp-automation repository. An issue should be opened there if this is still needed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Looking for an implementer that is interested in taking a stab at creating profiles for the DoD Cloud Computing Security Requirements Guide (SRG) FedRAMP+/Impact Level controls? -> https://iasecontent.disa.mil/cloud/SRG/index.html#_Tbl2. Can easily extract from the HTML table. You'll end up with the following profiles:
The text was updated successfully, but these errors were encountered: