OSCAL Public Announcement

hackmd.io / Michaela Iorga

  • NOTE: This is a draft of the OSCAL Gold Medal Award announcement combined with the key point of the strategic plan of NIST intention of evolving OSCAL from a project to a program that aims to rapidly grow and become sustainable through the community’s broader engagement. The announcement can be distributed via email, go on our website and posted on social media by NIST. The management and possibly PA approvals might be necessary. NIST OSCAL Team's Commitment Over the past years, OSCAL emerged as a research project aiming to deliver, through collaboration with GSA/FedRAMP and the industry, a machine-readable language expressed in XML, JSAON and YAML able to represent control catalogs, control baselines, system security plans, and assessment plans and results. OSCAL was managed as an initiative loosely coordinated and run from within two groups within Computer Security Division (CSD) of ITL. The OSCAL team's dedication and hard work resulted in the development and rapid adoption of the Open Security Controls Assessment Language which "is already solving foundational problems that stymied even the simplest data sharing and compliance automation, like consistent identifiers for organizational defined parameters. Importantly, the establishment of an open, government-backed standard has both forced and elevated critical conversations long needed around enabling the exchange of compliance data and compliance automation." (Greg Elin, Principal OSCAL Engineer, RegScale)
    Michaela Iorga changed 7 months agoEdit mode Like  Bookmark
  • discovered over 1 year ago




    See all items from the same source