The Requirement Generation Tool is a critical component of the OpenATO ecosystem. It will help agencies simplify the ATO process by providing a suite of tools for generating and assessing system requirements, building security plans, and creating agency profiles. The tool will include a Catalog Builder, an Assessment Builder that integrates MITRE InSpec tests and Heimdal output, an SSP Builder, and a capability for agencies to create profiles that specify their components. The tool will also export requirements to the SSP Manager Platform, enabling agencies to transfer their requirements to the latter platform with ease.
Problem
The Requirement Generation Tool is needed to address the complexity and inefficiencies in the ATO process. By providing a suite of tools for generating and assessing system requirements, building security plans, and creating agency profiles, the tool will help agencies shift compliance left, so that security compliance is built into systems from the start, and development teams can build systems more efficiently. The tool will also help improve the accuracy of ATO documents, ensuring that government technology is more secure and that the public can confidently access the benefits and services they need.
Solution | Goal
The Requirement Generation Tool will provide agencies with the tools they need to generate and assess system requirements, build security plans, and create agency profiles. The tool will integrate with the SSP Manager Platform, enabling agencies to transfer their requirements to the latter platform with ease. By shifting compliance left and improving the accuracy of ATO documents, the tool will help improve the security of government technology and increase the efficiency of the ATO process.
References
graph LR
A[Generate System Requirements & Docs] --> B[Devs Know Requirements]
B --> C[Devs Can Create Compliance Tests]
C --> D[Compliance is Done in Parallel to Development]
D --> E[Government Technology is More Secure]
E --> F[ATO Documents Reflect Reality]
F --> G[Public Can Confidently Access Benefits & Services]
D --> H[Systems Better Reflect Agency Needs]
H --> I[Agency Staff Have More Time for Mission]
I --> J[Government Delivers Services More Efficiently]
J --> K[Public Can Confidently Access Benefits & Services]
Acceptance Criteria
[ ] Export requirements to the SSP Manager Platform
Overview
The Requirement Generation Tool is a critical component of the OpenATO ecosystem. It will help agencies simplify the ATO process by providing a suite of tools for generating and assessing system requirements, building security plans, and creating agency profiles. The tool will include a Catalog Builder, an Assessment Builder that integrates MITRE InSpec tests and Heimdal output, an SSP Builder, and a capability for agencies to create profiles that specify their components. The tool will also export requirements to the SSP Manager Platform, enabling agencies to transfer their requirements to the latter platform with ease.
Problem
The Requirement Generation Tool is needed to address the complexity and inefficiencies in the ATO process. By providing a suite of tools for generating and assessing system requirements, building security plans, and creating agency profiles, the tool will help agencies shift compliance left, so that security compliance is built into systems from the start, and development teams can build systems more efficiently. The tool will also help improve the accuracy of ATO documents, ensuring that government technology is more secure and that the public can confidently access the benefits and services they need.
Solution | Goal
The Requirement Generation Tool will provide agencies with the tools they need to generate and assess system requirements, build security plans, and create agency profiles. The tool will integrate with the SSP Manager Platform, enabling agencies to transfer their requirements to the latter platform with ease. By shifting compliance left and improving the accuracy of ATO documents, the tool will help improve the security of government technology and increase the efficiency of the ATO process.
References
Acceptance Criteria
Team
No response