Open Telos-sa opened 3 weeks ago
Thanks for this report, @Telos-sa. We will review and consider what changes are possible and/or mandatory to subsequently brief the larger community at a later date. We appreciate the concise explanation and value proposition explanations.
This is a ...
request - need something additional provided
This relates to ...
What is your feedback?
In the legacy SAP document, under 6.1 Security Assessment Team, there are fields in the Parties table for "Validated by CSP" and "Validated by IA".
The documentation for the OSCAL SAP does not provide specific guidance on how to encode this information in OSCAL. This information could be encoded in the OSCAL SAP in the party assembly using props.
Could you provide guidance on whether to include this information as a prop (or some other method), or whether this information is not recommended to encode in the OSCAL SAP?
Where, exactly?
SAP Test Plan - Security Assessment Team
Other information
No response