search

bcgov / range-ios

Apache License 2.0
4 stars 1 forks source link

Add missing compliance audit file - old #162

Closed repo-mountie[bot] closed 4 years ago

repo-mountie[bot] commented 4 years ago

TL;DR 🏎️

Your repo is missing a compliance audit file so I've created this PR with a template that you can update with the correct PIA and STRA status (status options in the table below). If you'd like me to do this for you skip to the commands below.

Compliance

Projects in our organization (bcgov) need to complete a Privacy Assessment (PIA) and Security Threat & Risk Assessment (STRA) before they go live in production. Since every ministry has their own way of doing both the STRA and PIA we don't enforce that projects do them, only that they report on the current status.

To help with reporting, I've added a compliance audit file as part of this pull request. Please checkout this branch and edit update status as needed. Here is a table of possible states:

Status Description
TBD If you're surprised by this news, use this state. I'll let you talk to your MISO and check back later.
in-progress Use this state when your assessment(s) are underway.
completed Use this state when your assessment(s) are completed. πŸ™Œ πŸŽ‰
exempt The PIA or STRA isn't applicable to your project / repo.

Here is what a completed audit file might look like:

name: compliance
description: |
  This document is used to track a projects PIA and STRA
  compliance.
spec:
  - name: PIA
    status: in-progress
    last-updated: '2019-11-22T00:03:52.138Z'
  - name: STRA
    status: completed
    last-updated: '2019-11-22T00:03:52.138Z'

For more information check out the BC Policy Framework for GitHub.

Pro Tip πŸ€“

Commands πŸ€–

I can update the status of the PIA and STRA for you; you'll just need to merge the PR when I'm done. You can find the available STATUS values in the table above. Below are some commands I understand:

Command Description
/help You're freaking out and want to talk to a person.
/update-pia STATUS You want me to update the PIA status.
/update-stra STATUS You want me to update the STRA status.

Examples

/update-pia completed
/update-stra in-progress
jleach commented 4 years ago

Fixed some issues with the bot and added features based on feedback. Closing this issue; the bot will create a new one as needed.

micheal-w-wells commented 4 years ago

@repo-mountie update-stra completed

jleach commented 4 years ago

The branch was deleted so it could not update the file. I opened it. Lets see if the bot circles back. @repo-mountie update-stra completed

jleach commented 4 years ago

@micheal-w-wells This PR is a bit out of date. I've renamed it. The bot will notice this over night and should create a new PR you can interact with.