Closed jkaufman-mitre closed 1 month ago
Removed Policy 10.1 because there is no implementation for the policy. Agencies will be evaluated on their in-house procedures for items such as this as part of their NIST 800-53 control assessments. The technical implementation steps are already covered within this policy group.
Moved 11.2 to Policy Group 10 (#318)
Moved 11.2 to Policy Group 10 (#318)
Looks like this change might not have been pushed yet?
Made Common Controls 11.1 a SHALL.
TTP Mappings have been added.
@adhilto @buidav Can you review this. This one is ready for review again.
As discussed, removed Issue 290 for 2.2. Context Aware Access revamp will happen in the next release after Coast.
@adhilto Please review the 2.1 section for Coast release including changes to the implementation steps.
11.2 is unchanged as @adhilto mentioned in the email thread. Since there is a separate issue for this( #318 ), recommend to create a separate branch for this and commit separately as this PR tackles multiple issues already. Having a separate branch and PR (per issue) would ease the tracking and updates. @jkaufman-mitre @mdueltgen @adhilto @buidav any thoughts on this
11.2 is unchanged as @adhilto mentioned in the email thread. Since there is a separate issue for this( #318 ), recommend to create a separate branch for this and commit separately as this PR tackles multiple issues already. Having a separate branch and PR (per issue) would ease the tracking and updates. @jkaufman-mitre @mdueltgen @adhilto @buidav any thoughts on this
I agree, that's the right call (with the caveat that branch be made after this one is merged in to ease merge conflicts). I just edited the description of this PR to remove that issue so it's accurate and so that that issue won't auto-close once this PR is merged.
11.2 is unchanged as @adhilto mentioned in the email thread. Since there is a separate issue for this( #318 ), recommend to create a separate branch for this and commit separately as this PR tackles multiple issues already. Having a separate branch and PR (per issue) would ease the tracking and updates. @jkaufman-mitre @mdueltgen @adhilto @buidav any thoughts on this
I agree, that's the right call (with the caveat that branch be made after this one is merged in to ease merge conflicts). I just edited the description of this PR to remove that issue so it's accurate and so that that issue won't auto-close once this PR is merged.
Sounds good I will make sure #318 and #290 are in different branches for the next release. I think now that those two have been removed from the description of this PR, I think we should be good to do review of PR as is and merge for Coast.
๐ฃ Description
The following changes were made within the common controls baseline:
๐ญ Motivation and context
Fixes #240 Fixes #252 Fixes #274 Fixes #276
๐งช Testing
โ Pre-approval checklist
โ Pre-merge Checklist
Squash and merge
button.โ Post-merge Checklist