GSA / automate.fedramp.gov

https://automate.fedramp.gov

Inconsistent naming convention between NIST OSCAL Requirements and FedRAMP Requirements #103

Open Telos-sa opened 1 year ago

Telos-sa commented 1 year ago

Describe the bug

FedRAMP naming convention of parts within terms-and-conditions deviates from the requirement found in NIST.

Who is the bug affecting?

Anyone following NIST guidelines for 1.0.4 trying to validate in the FedRAMP validation tool for AP.

What version of OSCAL are you using?

1.0.4

What is affected by this bug?

FedRAMP Validator.

When does this occur?

When validating parts for terms and conditions. The assessment-inclusions from NIST is named included-activities in FedRAMP validator, the assessment-exclusions is named excluded-activities, and the liability-limitations is not defined by NIST at all.


Expected behavior (i.e. solution)

Naming convention needs to be standardized between the FedRAMP use-case and the NIST required naming convention.

Other Comments

Telos-sa commented 1 year ago

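The mismatch reported in this issue can be checked for before submitting an assessment plan. The following is an added example, not part of the issue thread and not FedRAMP or NIST code: it walks the `terms-and-conditions` parts of an OSCAL assessment plan in JSON form and converts part names between the two conventions. The only name pairs used are the ones stated in the issue; the function names and the sample document are constructed for illustration.

```python
import copy

# Name pairs taken from the issue text: NIST name -> FedRAMP validator name.
NIST_TO_FEDRAMP = {
    "assessment-inclusions": "included-activities",
    "assessment-exclusions": "excluded-activities",
}
FEDRAMP_TO_NIST = {v: k for k, v in NIST_TO_FEDRAMP.items()}
# Expected by the FedRAMP validator but, per the issue, not defined by NIST.
FEDRAMP_ONLY = {"liability-limitations"}


def _walk(parts, path="terms-and-conditions"):
    """Yield (path, part) for every part, including nested parts."""
    for i, part in enumerate(parts or []):
        here = f"{path}/parts[{i}]"
        yield here, part
        yield from _walk(part.get("parts"), here)


def convert_part_names(plan, target):
    """Return (converted_copy, findings) for target 'nist' or 'fedramp'."""
    if target not in ("nist", "fedramp"):
        raise ValueError("target must be 'nist' or 'fedramp'")
    table = FEDRAMP_TO_NIST if target == "nist" else NIST_TO_FEDRAMP
    out = copy.deepcopy(plan)  # never modify the caller's document
    tc = out.get("assessment-plan", {}).get("terms-and-conditions", {})
    findings = []
    for path, part in _walk(tc.get("parts")):
        name = part.get("name")
        if name in table:
            findings.append((path, "renamed", name, table[name]))
            part["name"] = table[name]
        elif target == "nist" and name in FEDRAMP_ONLY:
            # No counterpart to rename to; report it for manual review.
            findings.append((path, "no-nist-equivalent", name, None))
    return out, findings


# Constructed sample: a minimal plan fragment using the NIST part names.
SAMPLE = {"assessment-plan": {"terms-and-conditions": {"parts": [
    {"name": "assessment-inclusions", "prose": "constructed text"},
    {"name": "assessment-exclusions", "prose": "constructed text"},
    {"name": "liability-limitations", "prose": "constructed text"},
]}}}

if __name__ == "__main__":
    for finding in convert_part_names(SAMPLE, "fedramp")[1]:
        print(finding)
```
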