Using the FedRAMP Automation (OSCAL) GitHub Release

old.reddit.com / @/u/4MvZbT, https://old.reddit.com/user/4MvZbT

When it comes to OSCAL, I understand the what, but not the how. I understand that the goal of OSCAL is to automate the monitoring of control implementation, and that it does so through a set of extensible formats which support a range of risk management processes.

I've been reading this guide to learn more about the XML and JSON files included in the FedRAMP Automation release, but I'm having a hard time making sense of it (I'm not a software developer).

What am I supposed to do with these XML/JSON files to automate the creation of SSPs, monitor the implementation of controls, etc.? Are there any resources which teach XML/JSON noobs how to get started with OSCAL?

Thank you!

submitted by /u/4MvZbT
[link] [comments]

published 11 months ago


Previous

Strengthening security and optimizing resources using Microsoft 365 Government
published about 1 year ago

Next

What challenges does the government face when contracting cloud/IT services or resources from the private sector?
published 10 months ago
See all items from the same source